summaryrefslogtreecommitdiffstats
path: root/docshell
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 19:03:22 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 19:03:22 +0200
commitf1e5578718ea8883438cfea06d3c55d25f5c0278 (patch)
tree5afce22662aad4e58a894d061ed65ac3ce68cee7 /docshell
parent1b4c4256ee7705724b02919b4d432b2a391bcd04 (diff)
downloadUXP-f1e5578718ea8883438cfea06d3c55d25f5c0278.tar
UXP-f1e5578718ea8883438cfea06d3c55d25f5c0278.tar.gz
UXP-f1e5578718ea8883438cfea06d3c55d25f5c0278.tar.lz
UXP-f1e5578718ea8883438cfea06d3c55d25f5c0278.tar.xz
UXP-f1e5578718ea8883438cfea06d3c55d25f5c0278.zip
moebius#226: Consider blocking top level window data: URIs (part 2/2 without tests)
https://github.com/MoonchildProductions/moebius/pull/226
Diffstat (limited to 'docshell')
-rw-r--r--docshell/base/nsDSURIContentListener.cpp9
-rw-r--r--docshell/base/nsDocShell.cpp10
2 files changed, 10 insertions, 9 deletions
diff --git a/docshell/base/nsDSURIContentListener.cpp b/docshell/base/nsDSURIContentListener.cpp
index 93ce3cb26..ee6a4dd62 100644
--- a/docshell/base/nsDSURIContentListener.cpp
+++ b/docshell/base/nsDSURIContentListener.cpp
@@ -17,6 +17,7 @@
#include "nsIHttpChannel.h"
#include "nsIScriptSecurityManager.h"
#include "nsError.h"
+#include "nsContentSecurityManager.h"
#include "nsCharSeparatedTokenizer.h"
#include "nsIConsoleService.h"
#include "nsIScriptError.h"
@@ -93,6 +94,14 @@ nsDSURIContentListener::DoContent(const nsACString& aContentType,
if (aOpenedChannel) {
aOpenedChannel->GetLoadFlags(&loadFlags);
+
+ // block top-level data URI navigations if triggered by the web
+ if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(aOpenedChannel)) {
+ // logging to console happens within AllowTopLevelNavigationToDataURI
+ aRequest->Cancel(NS_ERROR_DOM_BAD_URI);
+ *aAbortProcess = true;
+ return NS_OK;
+ }
}
if (loadFlags & nsIChannel::LOAD_RETARGETED_DOCUMENT_URI) {
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index ae97a7c9e..596bd5d84 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -9885,15 +9885,6 @@ nsDocShell::InternalLoad(nsIURI* aURI,
contentType = nsIContentPolicy::TYPE_DOCUMENT;
}
- if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
- aURI,
- contentType,
- aTriggeringPrincipal,
- (aLoadType == LOAD_NORMAL_EXTERNAL))) {
- // logging to console happens within AllowTopLevelNavigationToDataURI
- return NS_OK;
- }
-
// If there's no targetDocShell, that means we are about to create a new window,
// perform a content policy check before creating the window.
if (!targetDocShell) {
@@ -10962,6 +10953,7 @@ nsDocShell::DoURILoad(nsIURI* aURI,
if (aPrincipalToInherit) {
loadInfo->SetPrincipalToInherit(aPrincipalToInherit);
}
+ loadInfo->SetLoadTriggeredFromExternal(aLoadFromExternal);
// We have to do this in case our OriginAttributes are different from the
// OriginAttributes of the parent document. Or in case there isn't a