summaryrefslogtreecommitdiffstats
path: root/dom/security/nsContentSecurityManager.cpp
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 20:28:18 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 20:28:18 +0200
commit660d01438a6a29ebd43f592ac7d6df2dad6a6962 (patch)
treeeb5aa299dfa4db3fee25031dcf523559df6a4baf /dom/security/nsContentSecurityManager.cpp
parentf1e5578718ea8883438cfea06d3c55d25f5c0278 (diff)
downloadUXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar
UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.gz
UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.lz
UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.tar.xz
UXP-660d01438a6a29ebd43f592ac7d6df2dad6a6962.zip
moebius#230: Consider blocking top level window data: URIs (part 3/3 without tests)
https://github.com/MoonchildProductions/moebius/pull/230
Diffstat (limited to 'dom/security/nsContentSecurityManager.cpp')
-rw-r--r--dom/security/nsContentSecurityManager.cpp4
1 files changed, 4 insertions, 0 deletions
diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp
index c987fed67..9329c558a 100644
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -39,6 +39,10 @@ nsContentSecurityManager::AllowTopLevelNavigationToDataURI(nsIChannel* aChannel)
if (loadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT) {
return true;
}
+ if (loadInfo->GetForceAllowDataURI()) {
+ // if the loadinfo explicitly allows the data URI navigation, let's allow it now
+ return true;
+ }
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
NS_ENSURE_SUCCESS(rv, true);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 02:39:31 +0000