summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-26 12:36:58 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-26 12:36:58 +0200
commit28a3484e2b6ac0129ed173cdb4827f9de33c73c5 (patch)
treed736a013fa5c4ae373ab1d7e4b1cb460374f467b
parentdb90929b347689af4a89d8e82ae1424980eee1b9 (diff)
downloadUXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar
UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.gz
UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.lz
UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.tar.xz
UXP-28a3484e2b6ac0129ed173cdb4827f9de33c73c5.zip
Bug 1189073 - Handle entering 'localhost:12345' into the cookie exceptions dialog correctly
-rw-r--r--application/palemoon/components/preferences/permissions.js15
1 files changed, 13 insertions, 2 deletions
diff --git a/application/palemoon/components/preferences/permissions.js b/application/palemoon/components/preferences/permissions.js
index 03e07a916..8f559b0e0 100644
--- a/application/palemoon/components/preferences/permissions.js
+++ b/application/palemoon/components/preferences/permissions.js
@@ -86,14 +86,25 @@ var gPermissionManager = {
var input_url = textbox.value.replace(/^\s*/, ""); // trim any leading space
let principal;
try {
- // If the uri doesn't successfully parse, try adding a http:// and parsing again
+ // The origin accessor on the principal object will throw if the
+ // principal doesn't have a canonical origin representation. This will
+ // help catch cases where the URI parser parsed something like
+ // `localhost:8080` as having the scheme `localhost`, rather than being
+ // an invalid URI. A canonical origin representation is required by the
+ // permission manager for storage, so this won't prevent any valid
+ // permissions from being entered by the user.
let uri;
try {
uri = Services.io.newURI(input_url, null, null);
+ principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
+ // If we have ended up with an unknown scheme, the following will throw.
+ principal.origin;
} catch(ex) {
uri = Services.io.newURI("http://" + input_url, null, null);
+ principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
+ // If we have ended up with an unknown scheme, the following will throw.
+ principal.origin;
}
- principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
} catch(ex) {
var message = this._bundle.getString("invalidURI");
var title = this._bundle.getString("invalidURITitle");