diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-08-18 16:25:15 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-08-18 16:26:16 +0200 |
| commit | 202296d02aa99afa90581333ab059c050b9c3ade (patch) | |
| tree | 6ed8a1289bed1bb06d2703ea77cba5fccd3bdffa /netwerk/base/nsNetUtil.cpp | |
| parent | 1530f48c27fb13d7cbd2708c9f0fcf2dabc6ed6a (diff) | |
| parent | ab6242a93b849b0a3c7525b16bc01dd3172fc167 (diff) | |
| download | UXP-202296d02aa99afa90581333ab059c050b9c3ade.tar UXP-202296d02aa99afa90581333ab059c050b9c3ade.tar.gz UXP-202296d02aa99afa90581333ab059c050b9c3ade.tar.lz UXP-202296d02aa99afa90581333ab059c050b9c3ade.tar.xz UXP-202296d02aa99afa90581333ab059c050b9c3ade.zip | |
Pull Basilisk-release forward.
Diffstat (limited to 'netwerk/base/nsNetUtil.cpp')
| -rw-r--r-- | netwerk/base/nsNetUtil.cpp | 56 |
1 files changed, 32 insertions, 24 deletions
diff --git a/netwerk/base/nsNetUtil.cpp b/netwerk/base/nsNetUtil.cpp index 653a9003e..2974e26b0 100644 --- a/netwerk/base/nsNetUtil.cpp +++ b/netwerk/base/nsNetUtil.cpp @@ -10,6 +10,7 @@ #include "mozilla/LoadContext.h" #include "mozilla/LoadInfo.h" #include "mozilla/BasePrincipal.h" +#include "mozilla/Preferences.h" #include "mozilla/Telemetry.h" #include "nsNetUtil.h" #include "nsNetUtilInlines.h" @@ -1821,33 +1822,40 @@ NS_RelaxStrictFileOriginPolicy(nsIURI *aTargetURI, return false; } - // - // If the file to be loaded is in a subdirectory of the source - // (or same-dir if source is not a directory) then it will - // inherit its source principal and be scriptable by that source. - // - bool sourceIsDir; - bool allowed = false; - nsresult rv = sourceFile->IsDirectory(&sourceIsDir); - if (NS_SUCCEEDED(rv) && sourceIsDir) { - rv = sourceFile->Contains(targetFile, &allowed); - } else { - nsCOMPtr<nsIFile> sourceParent; - rv = sourceFile->GetParent(getter_AddRefs(sourceParent)); - if (NS_SUCCEEDED(rv) && sourceParent) { - rv = sourceParent->Equals(targetFile, &allowed); - if (NS_FAILED(rv) || !allowed) { - rv = sourceParent->Contains(targetFile, &allowed); - } else { - MOZ_ASSERT(aAllowDirectoryTarget, - "sourceFile->Parent == targetFile, but targetFile " - "should've been disallowed if it is a directory"); + bool uniqueOrigin = true; + uniqueOrigin = Preferences::GetBool("security.fileuri.unique_origin"); + + // If treating all files as unique origins, we can skip this because + // it should always be refused. + if (!uniqueOrigin) { + // + // If the file to be loaded is in a subdirectory of the source + // (or same-dir if source is not a directory) then it will + // inherit its source principal and be scriptable by that source. + // + bool sourceIsDir; + bool allowed = false; + nsresult rv = sourceFile->IsDirectory(&sourceIsDir); + if (NS_SUCCEEDED(rv) && sourceIsDir) { + rv = sourceFile->Contains(targetFile, &allowed); + } else { + nsCOMPtr<nsIFile> sourceParent; + rv = sourceFile->GetParent(getter_AddRefs(sourceParent)); + if (NS_SUCCEEDED(rv) && sourceParent) { + rv = sourceParent->Equals(targetFile, &allowed); + if (NS_FAILED(rv) || !allowed) { + rv = sourceParent->Contains(targetFile, &allowed); + } else { + MOZ_ASSERT(aAllowDirectoryTarget, + "sourceFile->Parent == targetFile, but targetFile " + "should've been disallowed if it is a directory"); + } } } - } - if (NS_SUCCEEDED(rv) && allowed) { - return true; + if (NS_SUCCEEDED(rv) && allowed) { + return true; + } } return false; |