summaryrefslogtreecommitdiffstats
path: root/caps/nsScriptSecurityManager.cpp
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-06-24 11:12:28 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-06-24 11:12:28 +0200
commit83be316ca4f669e2e72d2afa7bb74bdddf085b68 (patch)
tree3981963dfe434b6c2e46f89824e4680f315a4a23 /caps/nsScriptSecurityManager.cpp
parentd819da37b01e87e5e067ae37092cd2044e6a40e3 (diff)
downloadUXP-83be316ca4f669e2e72d2afa7bb74bdddf085b68.tar
UXP-83be316ca4f669e2e72d2afa7bb74bdddf085b68.tar.gz
UXP-83be316ca4f669e2e72d2afa7bb74bdddf085b68.tar.lz
UXP-83be316ca4f669e2e72d2afa7bb74bdddf085b68.tar.xz
UXP-83be316ca4f669e2e72d2afa7bb74bdddf085b68.zip
Restrict web access to moz-icon:// scheme
This resolves #542
Diffstat (limited to 'caps/nsScriptSecurityManager.cpp')
-rw-r--r--caps/nsScriptSecurityManager.cpp19
1 files changed, 16 insertions, 3 deletions
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
index a219dcaed..0277f771d 100644
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -836,6 +836,16 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
// exception for foo: linking to view-source:foo for reftests...
return NS_OK;
}
+ else if ((!sourceScheme.EqualsIgnoreCase("http") &&
+ !sourceScheme.EqualsIgnoreCase("https")) &&
+ targetScheme.EqualsIgnoreCase("moz-icon"))
+ {
+ // Exception for linking to moz-icon://.ext?size=...
+ // Note that because targetScheme is the base (innermost) URI scheme,
+ // this does NOT allow e.g. file -> moz-icon:file:///... links.
+ // This is intentional.
+ return NS_OK;
+ }
// If we get here, check all the schemes can link to each other, from the top down:
nsCaseInsensitiveCStringComparator stringComparator;
@@ -976,9 +986,12 @@ nsScriptSecurityManager::CheckLoadURIFlags(nsIURI *aSourceURI,
if (hasFlags) {
if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) {
- // For now, don't change behavior for resource:// or moz-icon:// and
- // just allow them.
- if (!targetScheme.EqualsLiteral("chrome")) {
+ // For now, don't change behavior for resource:// and
+ // just allow it. This is required for extensions injecting
+ // extension-internal resource URLs in snippets in pages, e.g.
+ // Adding custom controls in-page.
+ if (!targetScheme.EqualsLiteral("chrome") &&
+ !targetScheme.EqualsLiteral("moz-icon")) {
return NS_OK;
}