diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-02-11 12:30:45 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-02-11 12:30:45 +0100 |
| commit | 6184ed7555d622afdad9d888627e0084182ccaa8 (patch) | |
| tree | 9feafa0c64d8a127b44e410530c2be1b13f4765c /dom | |
| parent | 31d8779a2292a917476c9ef85cea1e73be826c96 (diff) | |
| download | UXP-6184ed7555d622afdad9d888627e0084182ccaa8.tar UXP-6184ed7555d622afdad9d888627e0084182ccaa8.tar.gz UXP-6184ed7555d622afdad9d888627e0084182ccaa8.tar.lz UXP-6184ed7555d622afdad9d888627e0084182ccaa8.tar.xz UXP-6184ed7555d622afdad9d888627e0084182ccaa8.zip | |
[CSP] Allow not having a Port for RessourceURI if the Scheme has no
Default Port
Diffstat (limited to 'dom')
| -rw-r--r-- | dom/security/nsCSPUtils.cpp | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp index d07ad7945..6d4f297d6 100644 --- a/dom/security/nsCSPUtils.cpp +++ b/dom/security/nsCSPUtils.cpp @@ -555,7 +555,21 @@ permitsPort(const nsAString& aEnforcementScheme, int32_t resourcePort; nsresult rv = aResourceURI->GetPort(&resourcePort); - NS_ENSURE_SUCCESS(rv, false); + if (NS_FAILED(rv) && aEnforcementPort.IsEmpty()) { + // If we cannot get a Port (e.g. because of an Custom Protocol handler) + // we need to check if a default port is associated with the Scheme + if (aEnforcementScheme.IsEmpty()) { + return false; + } + int defaultPortforScheme = + NS_GetDefaultPort(NS_ConvertUTF16toUTF8(aEnforcementScheme).get()); + + // If there is no default port associated with the Scheme ( + // defaultPortforScheme == -1) or it is an externally handled protocol ( + // defaultPortforScheme == 0 ) and the csp does not enforce a port - we can + // allow not having a port + return (defaultPortforScheme == -1 || defaultPortforScheme == 0); + } // Avoid unnecessary string creation/manipulation and don't block the // load if the resource to be loaded uses the default port for that |