summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoonchild <git-repo@palemoon.org>2019-05-25 12:29:51 +0000
committerGitHub <noreply@github.com>2019-05-25 12:29:51 +0000
commit72260727093c92eaca78a3ea4d32bfafa49af8c3 (patch)
treeba5878e5f6cf7eaa6ee82d098e6757e4211a91ee
parente24e6346b70d3d212e9c9b7aa14f79f1d3ea86e8 (diff)
parentca9e6a4fa9d075bc9cce68b7fb44a7f1bcf3f8c7 (diff)
downloadUXP-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar
UXP-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar.gz
UXP-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar.lz
UXP-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar.xz
UXP-72260727093c92eaca78a3ea4d32bfafa49af8c3.zip
Merge pull request #1114 from g4jc/disable-meta-cookie
Disable <meta http-equiv=set-cookie>
-rw-r--r--dom/base/nsContentSink.cpp3
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_image_inner.html1
-rw-r--r--extensions/cookie/test/file_image_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_image_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_image_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_loadflags_inner.html1
-rw-r--r--extensions/cookie/test/file_loadflags_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_localhost_inner.html1
-rw-r--r--extensions/cookie/test/file_localhost_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_loopback_inner.html1
-rw-r--r--extensions/cookie/test/file_loopback_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_subdomain_inner.html1
-rw-r--r--extensions/cookie/test/file_subdomain_inner.html^headers^1
-rw-r--r--extensions/cookie/test/mochitest.ini11
-rw-r--r--extensions/cookie/test/test_same_base_domain.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_2.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_3.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_5.html2
-rw-r--r--extensions/cookie/test/test_samedomain.html2
-rw-r--r--modules/libpref/init/all.js3
30 files changed, 32 insertions, 17 deletions
diff --git a/dom/base/nsContentSink.cpp b/dom/base/nsContentSink.cpp
index 85b3d07bf..490f0ec17 100644
--- a/dom/base/nsContentSink.cpp
+++ b/dom/base/nsContentSink.cpp
@@ -304,7 +304,8 @@ nsContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue,
mDocument->SetHeaderData(aHeader, aValue);
- if (aHeader == nsGkAtoms::setcookie) {
+ if (aHeader == nsGkAtoms::setcookie &&
+ Preferences::GetBool("dom.meta-set-cookie.enabled", true)) {
// Don't allow setting cookies in cookie-averse documents.
if (mDocument->IsCookieAverse()) {
return NS_OK;
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner.html
index 1a3734597..a62e1b9e4 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
index 3075b971a..9b8f1a2f3 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^
new file mode 100644
index 000000000..405494cd6
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
index e8d09338b..d306efb1c 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta3=tag3">
<script type="text/javascript">
document.cookie = "can3=has3";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^
new file mode 100644
index 000000000..add3336ec
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta3=tag3
diff --git a/extensions/cookie/test/file_domain_inner.html b/extensions/cookie/test/file_domain_inner.html
index 1a05c45f8..9db41e904 100644
--- a/extensions/cookie/test/file_domain_inner.html
+++ b/extensions/cookie/test/file_domain_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_domain_inner.html^headers^ b/extensions/cookie/test/file_domain_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_domain_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_domain_inner_inner.html b/extensions/cookie/test/file_domain_inner_inner.html
index 7bc0e44a9..5850e3fa0 100644
--- a/extensions/cookie/test/file_domain_inner_inner.html
+++ b/extensions/cookie/test/file_domain_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_domain_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_inner_inner.html^headers^
new file mode 100644
index 000000000..405494cd6
--- /dev/null
+++ b/extensions/cookie/test/file_domain_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_image_inner.html b/extensions/cookie/test/file_image_inner.html
index aada82d71..902a055e4 100644
--- a/extensions/cookie/test/file_image_inner.html
+++ b/extensions/cookie/test/file_image_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_image_inner.html^headers^ b/extensions/cookie/test/file_image_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_image_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_image_inner_inner.html b/extensions/cookie/test/file_image_inner_inner.html
index 1989b53de..d24ae0d27 100644
--- a/extensions/cookie/test/file_image_inner_inner.html
+++ b/extensions/cookie/test/file_image_inner_inner.html
@@ -3,7 +3,6 @@
<head>
<link rel="stylesheet" type="text/css" media="all" href="http://example.org/tests/extensions/cookie/test/test1.css" />
<link rel="stylesheet" type="text/css" media="all" href="http://example.com/tests/extensions/cookie/test/test2.css" />
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
function runTest() {
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_image_inner_inner.html^headers^ b/extensions/cookie/test/file_image_inner_inner.html^headers^
new file mode 100644
index 000000000..405494cd6
--- /dev/null
+++ b/extensions/cookie/test/file_image_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_loadflags_inner.html b/extensions/cookie/test/file_loadflags_inner.html
index 5a7a6ccc1..fbea01cfd 100644
--- a/extensions/cookie/test/file_loadflags_inner.html
+++ b/extensions/cookie/test/file_loadflags_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
function runTest() {
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_loadflags_inner.html^headers^ b/extensions/cookie/test/file_loadflags_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_loadflags_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_localhost_inner.html b/extensions/cookie/test/file_localhost_inner.html
index db9917f00..82641d71c 100644
--- a/extensions/cookie/test/file_localhost_inner.html
+++ b/extensions/cookie/test/file_localhost_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_localhost_inner.html^headers^ b/extensions/cookie/test/file_localhost_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_localhost_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_loopback_inner.html b/extensions/cookie/test/file_loopback_inner.html
index e6c115c50..9af1a6568 100644
--- a/extensions/cookie/test/file_loopback_inner.html
+++ b/extensions/cookie/test/file_loopback_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_loopback_inner.html^headers^ b/extensions/cookie/test/file_loopback_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_loopback_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_subdomain_inner.html b/extensions/cookie/test/file_subdomain_inner.html
index 5f608b811..0aab0d852 100644
--- a/extensions/cookie/test/file_subdomain_inner.html
+++ b/extensions/cookie/test/file_subdomain_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_subdomain_inner.html^headers^ b/extensions/cookie/test/file_subdomain_inner.html^headers^
new file mode 100644
index 000000000..993cedb90
--- /dev/null
+++ b/extensions/cookie/test/file_subdomain_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/mochitest.ini b/extensions/cookie/test/mochitest.ini
index 673fad7b8..66c7038e9 100644
--- a/extensions/cookie/test/mochitest.ini
+++ b/extensions/cookie/test/mochitest.ini
@@ -6,16 +6,27 @@ support-files =
damonbowling.jpg^headers^
file_chromecommon.js
file_domain_hierarchy_inner.html
+ file_domain_hierarchy_inner.html^headers^
file_domain_hierarchy_inner_inner.html
+ file_domain_hierarchy_inner_inner.html^headers^
file_domain_hierarchy_inner_inner_inner.html
+ file_domain_hierarchy_inner_inner_inner.html^headers^
file_domain_inner.html
+ file_domain_inner.html^headers^
file_domain_inner_inner.html
+ file_domain_inner_inner.html^headers^
file_image_inner.html
+ file_image_inner.html^headers^
file_image_inner_inner.html
+ file_image_inner_inner.html^headers^
file_loadflags_inner.html
+ file_loadflags_inner.html^headers^
file_localhost_inner.html
+ file_localhost_inner.html^headers^
file_loopback_inner.html
+ file_loopback_inner.html^headers^
file_subdomain_inner.html
+ file_subdomain_inner.html^headers^
file_testcommon.js
file_testloadflags.js
file_testloadflags_chromescript.js
diff --git a/extensions/cookie/test/test_same_base_domain.html b/extensions/cookie/test/test_same_base_domain.html
index 9232b4e09..acf020eb8 100644
--- a/extensions/cookie/test/test_same_base_domain.html
+++ b/extensions/cookie/test/test_same_base_domain.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)">
+<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_2.html b/extensions/cookie/test/test_same_base_domain_2.html
index d692524c5..44e400858 100644
--- a/extensions/cookie/test/test_same_base_domain_2.html
+++ b/extensions/cookie/test/test_same_base_domain_2.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_3.html b/extensions/cookie/test/test_same_base_domain_3.html
index f0cd687f9..dfdbabde0 100644
--- a/extensions/cookie/test/test_same_base_domain_3.html
+++ b/extensions/cookie/test/test_same_base_domain_3.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_5.html b/extensions/cookie/test/test_same_base_domain_5.html
index 49b2379b6..b603158c1 100644
--- a/extensions/cookie/test/test_same_base_domain_5.html
+++ b/extensions/cookie/test/test_same_base_domain_5.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_samedomain.html b/extensions/cookie/test/test_samedomain.html
index 9051d3b39..e8f623828 100644
--- a/extensions/cookie/test/test_samedomain.html
+++ b/extensions/cookie/test/test_samedomain.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)">
+<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 123436ebd..ee435d66a 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5199,6 +5199,9 @@ pref("intl.allow-insecure-text-input", false);
// Enable meta-viewport support in remote APZ-enabled frames.
pref("dom.meta-viewport.enabled", false);
+// Disable <meta http-equiv=set-cookie> support. See m-c bug 1457503 / UXP #1102.
+pref("dom.meta-set-cookie.enabled", false);
+
// MozSettings debugging prefs for each component
pref("dom.mozSettings.SettingsDB.debug.enabled", false);
pref("dom.mozSettings.SettingsManager.debug.enabled", false);