diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-22 20:28:18 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-22 20:28:18 +0200 |
commit | 660d01438a6a29ebd43f592ac7d6df2dad6a6962 (patch) | |
tree | eb5aa299dfa4db3fee25031dcf523559df6a4baf /browser/base/content | |
parent | f1e5578718ea8883438cfea06d3c55d25f5c0278 (diff) | |
download | UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.gz UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.lz UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.xz UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.zip |
moebius#230: Consider blocking top level window data: URIs (part 3/3 without tests)
https://github.com/MoonchildProductions/moebius/pull/230
Diffstat (limited to 'browser/base/content')
-rw-r--r-- | browser/base/content/nsContextMenu.js | 3 | ||||
-rw-r--r-- | browser/base/content/utilityOverlay.js | 5 |
2 files changed, 7 insertions, 1 deletions
diff --git a/browser/base/content/nsContextMenu.js b/browser/base/content/nsContextMenu.js index 8eb9b034f..ddf695202 100644 --- a/browser/base/content/nsContextMenu.js +++ b/browser/base/content/nsContextMenu.js @@ -1158,7 +1158,8 @@ nsContextMenu.prototype = { this.browser.contentPrincipal, Ci.nsIScriptSecurityManager.DISALLOW_SCRIPT); openUILink(this.mediaURL, e, { disallowInheritPrincipal: true, - referrerURI: referrerURI }); + referrerURI: referrerURI, + forceAllowDataURI: true }); } }, diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js index 0b703b6f8..6ceaf773e 100644 --- a/browser/base/content/utilityOverlay.js +++ b/browser/base/content/utilityOverlay.js @@ -197,6 +197,7 @@ function openUILinkIn(url, where, aAllowThirdPartyFixup, aPostData, aReferrerURI openLinkIn(url, where, params); } +/* eslint-disable complexity */ function openLinkIn(url, where, params) { if (!where || !url) return; @@ -212,6 +213,7 @@ function openLinkIn(url, where, params) { params.referrerPolicy : Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT); var aRelatedToCurrent = params.relatedToCurrent; var aAllowMixedContent = params.allowMixedContent; + var aForceAllowDataURI = params.forceAllowDataURI; var aInBackground = params.inBackground; var aDisallowInheritPrincipal = params.disallowInheritPrincipal; var aInitiatingDoc = params.initiatingDoc; @@ -378,6 +380,9 @@ function openLinkIn(url, where, params) { if (aIndicateErrorPageLoad) { flags |= Ci.nsIWebNavigation.LOAD_FLAGS_ERROR_LOAD_CHANGES_RV; } + if (aForceAllowDataURI) { + flags |= Ci.nsIWebNavigation.LOAD_FLAGS_FORCE_ALLOW_DATA_URI; + } let {URI_INHERITS_SECURITY_CONTEXT} = Ci.nsIProtocolHandler; if (aForceAboutBlankViewerInCurrent && |