diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-26 12:36:58 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-26 12:36:58 +0200 |
commit | 28a3484e2b6ac0129ed173cdb4827f9de33c73c5 (patch) | |
tree | d736a013fa5c4ae373ab1d7e4b1cb460374f467b | |
parent | db90929b347689af4a89d8e82ae1424980eee1b9 (diff) | |
download | UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.gz UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.lz UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.xz UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.zip |
Bug 1189073 - Handle entering 'localhost:12345' into the cookie exceptions dialog correctly
-rw-r--r-- | application/palemoon/components/preferences/permissions.js | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/application/palemoon/components/preferences/permissions.js b/application/palemoon/components/preferences/permissions.js index 03e07a916..8f559b0e0 100644 --- a/application/palemoon/components/preferences/permissions.js +++ b/application/palemoon/components/preferences/permissions.js @@ -86,14 +86,25 @@ var gPermissionManager = { var input_url = textbox.value.replace(/^\s*/, ""); // trim any leading space let principal; try { - // If the uri doesn't successfully parse, try adding a http:// and parsing again + // The origin accessor on the principal object will throw if the + // principal doesn't have a canonical origin representation. This will + // help catch cases where the URI parser parsed something like + // `localhost:8080` as having the scheme `localhost`, rather than being + // an invalid URI. A canonical origin representation is required by the + // permission manager for storage, so this won't prevent any valid + // permissions from being entered by the user. let uri; try { uri = Services.io.newURI(input_url, null, null); + principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); + // If we have ended up with an unknown scheme, the following will throw. + principal.origin; } catch(ex) { uri = Services.io.newURI("http://" + input_url, null, null); + principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); + // If we have ended up with an unknown scheme, the following will throw. + principal.origin; } - principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); } catch(ex) { var message = this._bundle.getString("invalidURI"); var title = this._bundle.getString("invalidURITitle"); |