summaryrefslogtreecommitdiffstats
path: root/application/basilisk/base/content
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2019-02-28 14:16:09 +0100
committerwolfbeast <mcwerewolf@wolfbeast.com>2019-02-28 14:16:09 +0100
commitf227feb6efbfa61c62cba88ab85df3c650311560 (patch)
tree1894f5e63b43ad6eca7270a0dedd7b0e678e403a /application/basilisk/base/content
parentc08b490c5c44f5f04049f408ad0848e9843f0702 (diff)
downloadUXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar
UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.gz
UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.lz
UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.xz
UXP-f227feb6efbfa61c62cba88ab85df3c650311560.zip
Update Basilisk FE code with HTTP Auth DoS protection.
Diffstat (limited to 'application/basilisk/base/content')
-rw-r--r--application/basilisk/base/content/browser.js5
-rw-r--r--application/basilisk/base/content/tabbrowser.xml5
-rw-r--r--application/basilisk/base/content/urlbarBindings.xml3
3 files changed, 12 insertions, 1 deletions
diff --git a/application/basilisk/base/content/browser.js b/application/basilisk/base/content/browser.js
index 9fb997a42..336670fa0 100644
--- a/application/basilisk/base/content/browser.js
+++ b/application/basilisk/base/content/browser.js
@@ -3094,6 +3094,11 @@ function getWebNavigation()
}
function BrowserReloadWithFlags(reloadFlags) {
+
+ // Reset DOS mitigation for auth prompts when user initiates a reload.
+ let browser = gBrowser.selectedBrowser;
+ delete browser.authPromptCounter;
+
let url = gBrowser.currentURI.spec;
if (gBrowser.updateBrowserRemotenessByURL(gBrowser.selectedBrowser, url)) {
// If the remoteness has changed, the new browser doesn't have any
diff --git a/application/basilisk/base/content/tabbrowser.xml b/application/basilisk/base/content/tabbrowser.xml
index 043838020..c84c333c4 100644
--- a/application/basilisk/base/content/tabbrowser.xml
+++ b/application/basilisk/base/content/tabbrowser.xml
@@ -2991,7 +2991,10 @@
<parameter name="aTab"/>
<body>
<![CDATA[
- this.getBrowserForTab(aTab).reload();
+ let browser = this.getBrowserForTab(aTab);
+ // Reset DOS mitigation for basic auth prompt
+ delete browser.authPromptCounter;
+ browser.reload();
]]>
</body>
</method>
diff --git a/application/basilisk/base/content/urlbarBindings.xml b/application/basilisk/base/content/urlbarBindings.xml
index ad11f7fdf..b9c17818a 100644
--- a/application/basilisk/base/content/urlbarBindings.xml
+++ b/application/basilisk/base/content/urlbarBindings.xml
@@ -540,6 +540,9 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/.
Cu.reportError(ex);
}
+ // Reset DOS mitigations for the basic auth prompt.
+ delete browser.authPromptCounter;
+
let params = {
postData,
allowThirdPartyFixup: true,