summaryrefslogtreecommitdiffstats
path: root/browser/components
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-02-08 11:37:12 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-02-08 11:37:12 +0100
commitb827a3a9cd60b10526e3bc99274a1465f1b6f2d1 (patch)
tree4de2dee6e80a03a228590cc5fda3014d9e0f3169 /browser/components
parentf7f35438f5e257575ea2b7a430c58e458ae56b4e (diff)
downloadUXP-b827a3a9cd60b10526e3bc99274a1465f1b6f2d1.tar
UXP-b827a3a9cd60b10526e3bc99274a1465f1b6f2d1.tar.gz
UXP-b827a3a9cd60b10526e3bc99274a1465f1b6f2d1.tar.lz
UXP-b827a3a9cd60b10526e3bc99274a1465f1b6f2d1.tar.xz
UXP-b827a3a9cd60b10526e3bc99274a1465f1b6f2d1.zip
Perform LoadURL checks for WebExtensions.
Diffstat (limited to 'browser/components')
-rw-r--r--browser/components/extensions/ext-browserAction.js3
-rw-r--r--browser/components/extensions/ext-pageAction.js3
-rw-r--r--browser/components/extensions/schemas/page_action.json1
3 files changed, 7 insertions, 0 deletions
diff --git a/browser/components/extensions/ext-browserAction.js b/browser/components/extensions/ext-browserAction.js
index 407366e2c..2c82ac701 100644
--- a/browser/components/extensions/ext-browserAction.js
+++ b/browser/components/extensions/ext-browserAction.js
@@ -497,6 +497,9 @@ extensions.registerSchemaAPI("browserAction", "addon_parent", context => {
// For internal consistency, we currently resolve both relative to the
// calling context.
let url = details.popup && context.uri.resolve(details.popup);
+ if (url && !context.checkLoadURL(url)) {
+ return Promise.reject({message: `Access denied for URL ${url}`});
+ }
BrowserAction.for(extension).setProperty(tab, "popup", url);
},
diff --git a/browser/components/extensions/ext-pageAction.js b/browser/components/extensions/ext-pageAction.js
index 153f05d7a..5bf3a9c70 100644
--- a/browser/components/extensions/ext-pageAction.js
+++ b/browser/components/extensions/ext-pageAction.js
@@ -273,6 +273,9 @@ extensions.registerSchemaAPI("pageAction", "addon_parent", context => {
// For internal consistency, we currently resolve both relative to the
// calling context.
let url = details.popup && context.uri.resolve(details.popup);
+ if (url && !context.checkLoadURL(url)) {
+ return Promise.reject({message: `Access denied for URL ${url}`});
+ }
PageAction.for(extension).setProperty(tab, "popup", url);
},
diff --git a/browser/components/extensions/schemas/page_action.json b/browser/components/extensions/schemas/page_action.json
index f4f9ee8db..126378ca5 100644
--- a/browser/components/extensions/schemas/page_action.json
+++ b/browser/components/extensions/schemas/page_action.json
@@ -173,6 +173,7 @@
{
"name": "setPopup",
"type": "function",
+ "async": true,
"description": "Sets the html document to be opened as a popup when the user clicks on the page action's icon.",
"parameters": [
{