diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-15 14:13:14 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-22 12:11:54 +0200 |
| commit | 8799198822e5f604d2d80824611fa37cdf72d7cf (patch) | |
| tree | 29e927536487e5fd37826815a5f583ceb38bfcbb /netwerk/protocol/http/nsHttpChannelAuthProvider.h | |
| parent | 96d7912843ba053a44679e993c4d9d10e70969f8 (diff) | |
| download | UXP-8799198822e5f604d2d80824611fa37cdf72d7cf.tar UXP-8799198822e5f604d2d80824611fa37cdf72d7cf.tar.gz UXP-8799198822e5f604d2d80824611fa37cdf72d7cf.tar.lz UXP-8799198822e5f604d2d80824611fa37cdf72d7cf.tar.xz UXP-8799198822e5f604d2d80824611fa37cdf72d7cf.zip | |
Block http auth prompt for cross-origin image subresources by default.
Still allow this to be bypassed with a pref for those really rare corner
cases where images are loaded cross-origin by design and the session
hasn't been/can't be authenticated ahead of time.
Diffstat (limited to 'netwerk/protocol/http/nsHttpChannelAuthProvider.h')
| -rw-r--r-- | netwerk/protocol/http/nsHttpChannelAuthProvider.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.h b/netwerk/protocol/http/nsHttpChannelAuthProvider.h index 44d79b22b..0d6045875 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h @@ -179,10 +179,11 @@ private: RefPtr<nsHttpHandler> mHttpHandler; // keep gHttpHandler alive - // A variable holding the preference settings to whether to open HTTP + // Variables holding the preference settings for whether to open HTTP // authentication credentials dialogs for sub-resources and cross-origin // sub-resources. static uint32_t sAuthAllowPref; + static bool sImgCrossOriginAuthAllowPref; nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable; }; |