Diffstat (limited to 'browser/base/content')
-rwxr-xr-x | browser/base/content/browser.js | 2 | ||||
-rw-r--r-- | browser/base/content/utilityOverlay.js | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index 5a54dcc58..d813a55cc 100755
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -5688,7 +5688,7 @@ function middleMousePaste(event) {
 function stripUnsafeProtocolOnPaste(pasteData) {
 // Don't allow pasting javascript URIs since we don't support
 // LOAD_FLAGS_DISALLOW_INHERIT_PRINCIPAL for those.
- return pasteData.replace(/\r?\n/g, "").replace(/^(?:\s*javascript:)+/i, "");
+ return pasteData.replace(/\r?\n/g, "").replace(/^(?:\W*javascript:)+/i, "");
 }
 // handleDroppedLink has the following 2 overloads:
diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js
index 7da54e064..833369f4d 100644
--- a/browser/base/content/utilityOverlay.js
+++ b/browser/base/content/utilityOverlay.js
@@ -258,6 +258,12 @@ function openLinkIn(url, where, params) {
 }
 if (!w || where == "window") {
+ // Strip referrer data when opening a new private window, to prevent
+ // regular browsing data from leaking into it.
+ if (aIsPrivate) {
+ aNoReferrer = true;
+ }
+
 // This propagates to window.arguments.
 var sa = Cc["@mozilla.org/array;1"].
 createInstance(Ci.nsIMutableArray); |
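Review bot: The widened prefix `\W*` in stripUnsafeProtocolOnPaste still filters the raw pasted string rather than what the URL parser will see, so it holds only if the parser's own normalisation cannot produce a `javascript:` scheme from text this regex does not match. The first `replace` removes `\n` and `\r\n` but not a lone `\r` or a tab, and the hunk does not show whether those are dropped later when the URI is built; that should be confirmed, or the first pattern widened to `/[\r\n\t]/g`. Because `\W` is ASCII-only without the `u` flag, leading non-ASCII text in front of `javascript:` is now removed as well, which deserves a comment such as `// \W also covers control and non-ASCII characters that may precede the scheme`. A regression test with one case per prefix class would pin the intent.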
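Review bot: Setting `aNoReferrer = true` covers only the branch that opens a new window; `openLinkIn` starts and ends outside this hunk, so whether a link opened with `aIsPrivate` can reach another branch with its referrer intact cannot be judged from here and should be checked. The flag is also the only thing changed: if the referrer URI is still appended to the window arguments below, the protection depends on every consumer honouring the flag, and clearing the URI in the same block (for example `aReferrerURI = null;`, assuming that is the local's name) would make it fail closed. The comment could also state that the referrer is dropped even when the opener is itself a private window.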