diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-15 14:13:14 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-15 14:13:14 +0200 |
| commit | 45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6 (patch) | |
| tree | 9430091e5deb3f29a9a2ec262964e4d249687faf /netwerk/protocol/http/nsHttpChannelAuthProvider.h | |
| parent | 4491ec5eacd5ed501737c0db2c134fe1815c50a8 (diff) | |
| download | UXP-45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6.tar UXP-45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6.tar.gz UXP-45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6.tar.lz UXP-45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6.tar.xz UXP-45cb5ab7291f44d3e06de4e71e5b0a9e80f6a0b6.zip | |
Block http auth prompt for cross-origin image subresources by default.
Still allow this to be bypassed with a pref for those really rare corner
cases where images are loaded cross-origin by design and the session
hasn't been/can't be authenticated ahead of time.
Diffstat (limited to 'netwerk/protocol/http/nsHttpChannelAuthProvider.h')
| -rw-r--r-- | netwerk/protocol/http/nsHttpChannelAuthProvider.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.h b/netwerk/protocol/http/nsHttpChannelAuthProvider.h index 44d79b22b..0d6045875 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h @@ -179,10 +179,11 @@ private: RefPtr<nsHttpHandler> mHttpHandler; // keep gHttpHandler alive - // A variable holding the preference settings to whether to open HTTP + // Variables holding the preference settings for whether to open HTTP // authentication credentials dialogs for sub-resources and cross-origin // sub-resources. static uint32_t sAuthAllowPref; + static bool sImgCrossOriginAuthAllowPref; nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable; }; |