summaryrefslogtreecommitdiffstats
path: root/dom/jsurl
diff options
context:
space:
mode:
Diffstat (limited to 'dom/jsurl')
-rw-r--r--dom/jsurl/nsJSProtocolHandler.cpp49
1 files changed, 32 insertions, 17 deletions
diff --git a/dom/jsurl/nsJSProtocolHandler.cpp b/dom/jsurl/nsJSProtocolHandler.cpp
index 90171db10..cdb63f890 100644
--- a/dom/jsurl/nsJSProtocolHandler.cpp
+++ b/dom/jsurl/nsJSProtocolHandler.cpp
@@ -36,6 +36,7 @@
#include "nsIContentViewer.h"
#include "nsIXPConnect.h"
#include "nsContentUtils.h"
+#include "nsNullPrincipal.h"
#include "nsJSUtils.h"
#include "nsThreadUtils.h"
#include "nsIScriptChannel.h"
@@ -335,7 +336,7 @@ public:
NS_FORWARD_SAFE_NSIPROPERTYBAG(mPropertyBag)
NS_FORWARD_SAFE_NSIPROPERTYBAG2(mPropertyBag)
- nsresult Init(nsIURI *aURI, nsILoadInfo* aLoadInfo);
+ nsresult Init(nsIURI *aURI);
// Actually evaluate the script.
void EvaluateScript();
@@ -353,16 +354,17 @@ protected:
nsCOMPtr<nsIChannel> mStreamChannel;
nsCOMPtr<nsIPropertyBag2> mPropertyBag;
nsCOMPtr<nsIStreamListener> mListener; // Our final listener
+ nsCOMPtr<nsISupports> mContext; // The context passed to AsyncOpen
nsCOMPtr<nsPIDOMWindowInner> mOriginalInnerWindow; // The inner window our load
// started against.
- // If we blocked onload on a document in AsyncOpen2, this is the document we
+ // If we blocked onload on a document in AsyncOpen, this is the document we
// did it on.
nsCOMPtr<nsIDocument> mDocumentOnloadBlockedOn;
nsresult mStatus; // Our status
nsLoadFlags mLoadFlags;
- nsLoadFlags mActualLoadFlags; // See AsyncOpen2
+ nsLoadFlags mActualLoadFlags; // See AsyncOpen
RefPtr<nsJSThunk> mIOThunk;
PopupControlState mPopupState;
@@ -402,7 +404,7 @@ nsresult nsJSChannel::StopAll()
return rv;
}
-nsresult nsJSChannel::Init(nsIURI* aURI, nsILoadInfo* aLoadInfo)
+nsresult nsJSChannel::Init(nsIURI *aURI)
{
RefPtr<nsJSURI> jsURI;
nsresult rv = aURI->QueryInterface(kJSURICID,
@@ -416,13 +418,21 @@ nsresult nsJSChannel::Init(nsIURI* aURI, nsILoadInfo* aLoadInfo)
// Remember, until AsyncOpen is called, the script will not be evaluated
// and the underlying Input Stream will not be created...
nsCOMPtr<nsIChannel> channel;
- rv = NS_NewInputStreamChannelInternal(getter_AddRefs(channel),
- aURI,
- mIOThunk,
- NS_LITERAL_CSTRING("text/html"),
- EmptyCString(),
- aLoadInfo);
- NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCOMPtr<nsIPrincipal> nullPrincipal = nsNullPrincipal::Create();
+
+ // If the resultant script evaluation actually does return a value, we
+ // treat it as html.
+ // The following channel is never openend, so it does not matter what
+ // securityFlags we pass; let's follow the principle of least privilege.
+ rv = NS_NewInputStreamChannel(getter_AddRefs(channel),
+ aURI,
+ mIOThunk,
+ nullPrincipal,
+ nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED,
+ nsIContentPolicy::TYPE_OTHER,
+ NS_LITERAL_CSTRING("text/html"));
+ if (NS_FAILED(rv)) return rv;
rv = mIOThunk->Init(aURI);
if (NS_SUCCEEDED(rv)) {
@@ -553,7 +563,6 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
"security flags in loadInfo but asyncOpen2() not called");
}
#endif
- MOZ_RELEASE_ASSERT(!aContext, "please call AsyncOpen2()");
NS_ENSURE_ARG(aListener);
@@ -575,6 +584,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
}
mListener = aListener;
+ mContext = aContext;
mIsActive = true;
@@ -645,7 +655,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
return mStatus;
}
- // We're returning success from asyncOpen2(), but we didn't open a
+ // We're returning success from asyncOpen(), but we didn't open a
// stream channel. We'll have to notify ourselves, but make sure to do
// it asynchronously.
method = &nsJSChannel::NotifyListener;
@@ -762,7 +772,7 @@ nsJSChannel::EvaluateScript()
return;
}
- mStatus = mStreamChannel->AsyncOpen2(this);
+ mStatus = mStreamChannel->AsyncOpen(this, mContext);
if (NS_SUCCEEDED(mStatus)) {
// mStreamChannel will call OnStartRequest and OnStopRequest on
// us, so we'll be sure to call them on our listener.
@@ -790,8 +800,8 @@ nsJSChannel::EvaluateScript()
void
nsJSChannel::NotifyListener()
{
- mListener->OnStartRequest(this, nullptr);
- mListener->OnStopRequest(this, nullptr, mStatus);
+ mListener->OnStartRequest(this, mContext);
+ mListener->OnStopRequest(this, mContext, mStatus);
CleanupStrongRefs();
}
@@ -800,6 +810,7 @@ void
nsJSChannel::CleanupStrongRefs()
{
mListener = nullptr;
+ mContext = nullptr;
mOriginalInnerWindow = nullptr;
if (mDocumentOnloadBlockedOn) {
mDocumentOnloadBlockedOn->UnblockOnload(false);
@@ -1229,7 +1240,11 @@ nsJSProtocolHandler::NewChannel2(nsIURI* uri,
return NS_ERROR_OUT_OF_MEMORY;
}
- rv = channel->Init(uri, aLoadInfo);
+ rv = channel->Init(uri);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // set the loadInfo on the new channel
+ rv = channel->SetLoadInfo(aLoadInfo);
NS_ENSURE_SUCCESS(rv, rv);
if (NS_SUCCEEDED(rv)) {