diff options
| author | Moonchild <mcwerewolf@gmail.com> | 2018-04-23 11:46:21 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-04-23 11:46:21 +0200 |
| commit | 8ed46f424e1a8a09bad7147882b83c9b2aad17c6 (patch) | |
| tree | 5c6953fd44fddb74891ddd96613f1ef949c85fd7 /dom/security/nsCSPContext.cpp | |
| parent | 8ffac11aa6eb32be75ff049787191e12476586d3 (diff) | |
| parent | ccbd5ecf57fcd53ac8b28ddf7466b6c930f764df (diff) | |
| download | UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.gz UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.lz UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.xz UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.zip | |
Merge pull request #231 from janekptacijarabaci/security_blocking_data_1
moebius#223, #224, #226, #230: DOM - consider blocking top level window data: URIs
Diffstat (limited to 'dom/security/nsCSPContext.cpp')
| -rw-r--r-- | dom/security/nsCSPContext.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/dom/security/nsCSPContext.cpp b/dom/security/nsCSPContext.cpp index a7517f65e..979bd915f 100644 --- a/dom/security/nsCSPContext.cpp +++ b/dom/security/nsCSPContext.cpp @@ -171,9 +171,10 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType, } } - // aExtra is only non-null if the channel got redirected. - bool wasRedirected = (aExtra != nullptr); + // aExtra holds the original URI of the channel if the + // channel got redirected (until we fix Bug 1332422). nsCOMPtr<nsIURI> originalURI = do_QueryInterface(aExtra); + bool wasRedirected = originalURI; bool permitted = permitsInternal(dir, aContentLocation, |