summaryrefslogtreecommitdiffstats
path: root/netwerk/base/nsNetUtil.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'netwerk/base/nsNetUtil.cpp')
-rw-r--r--netwerk/base/nsNetUtil.cpp56
1 files changed, 32 insertions, 24 deletions
diff --git a/netwerk/base/nsNetUtil.cpp b/netwerk/base/nsNetUtil.cpp
index 653a9003e..2974e26b0 100644
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@@ -10,6 +10,7 @@
#include "mozilla/LoadContext.h"
#include "mozilla/LoadInfo.h"
#include "mozilla/BasePrincipal.h"
+#include "mozilla/Preferences.h"
#include "mozilla/Telemetry.h"
#include "nsNetUtil.h"
#include "nsNetUtilInlines.h"
@@ -1821,33 +1822,40 @@ NS_RelaxStrictFileOriginPolicy(nsIURI *aTargetURI,
return false;
}
- //
- // If the file to be loaded is in a subdirectory of the source
- // (or same-dir if source is not a directory) then it will
- // inherit its source principal and be scriptable by that source.
- //
- bool sourceIsDir;
- bool allowed = false;
- nsresult rv = sourceFile->IsDirectory(&sourceIsDir);
- if (NS_SUCCEEDED(rv) && sourceIsDir) {
- rv = sourceFile->Contains(targetFile, &allowed);
- } else {
- nsCOMPtr<nsIFile> sourceParent;
- rv = sourceFile->GetParent(getter_AddRefs(sourceParent));
- if (NS_SUCCEEDED(rv) && sourceParent) {
- rv = sourceParent->Equals(targetFile, &allowed);
- if (NS_FAILED(rv) || !allowed) {
- rv = sourceParent->Contains(targetFile, &allowed);
- } else {
- MOZ_ASSERT(aAllowDirectoryTarget,
- "sourceFile->Parent == targetFile, but targetFile "
- "should've been disallowed if it is a directory");
+ bool uniqueOrigin = true;
+ uniqueOrigin = Preferences::GetBool("security.fileuri.unique_origin");
+
+ // If treating all files as unique origins, we can skip this because
+ // it should always be refused.
+ if (!uniqueOrigin) {
+ //
+ // If the file to be loaded is in a subdirectory of the source
+ // (or same-dir if source is not a directory) then it will
+ // inherit its source principal and be scriptable by that source.
+ //
+ bool sourceIsDir;
+ bool allowed = false;
+ nsresult rv = sourceFile->IsDirectory(&sourceIsDir);
+ if (NS_SUCCEEDED(rv) && sourceIsDir) {
+ rv = sourceFile->Contains(targetFile, &allowed);
+ } else {
+ nsCOMPtr<nsIFile> sourceParent;
+ rv = sourceFile->GetParent(getter_AddRefs(sourceParent));
+ if (NS_SUCCEEDED(rv) && sourceParent) {
+ rv = sourceParent->Equals(targetFile, &allowed);
+ if (NS_FAILED(rv) || !allowed) {
+ rv = sourceParent->Contains(targetFile, &allowed);
+ } else {
+ MOZ_ASSERT(aAllowDirectoryTarget,
+ "sourceFile->Parent == targetFile, but targetFile "
+ "should've been disallowed if it is a directory");
+ }
}
}
- }
- if (NS_SUCCEEDED(rv) && allowed) {
- return true;
+ if (NS_SUCCEEDED(rv) && allowed) {
+ return true;
+ }
}
return false;