summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--application/palemoon/base/content/browser.js22
-rw-r--r--application/palemoon/base/content/nsContextMenu.js14
-rw-r--r--application/palemoon/base/content/tabbrowser.xml26
-rw-r--r--application/palemoon/base/content/utilityOverlay.js49
4 files changed, 102 insertions, 9 deletions
diff --git a/application/palemoon/base/content/browser.js b/application/palemoon/base/content/browser.js
index 386bd418b..7421fc5c3 100644
--- a/application/palemoon/base/content/browser.js
+++ b/application/palemoon/base/content/browser.js
@@ -1051,6 +1051,8 @@ var gBrowserInit = {
// [3]: postData (nsIInputStream)
// [4]: allowThirdPartyFixup (bool)
// [5]: referrerPolicy (int)
+ // [6]: originPrincipal (nsIPrincipal)
+ // [7]: triggeringPrincipal (nsIPrincipal)
else if (window.arguments.length >= 3) {
let referrerURI = window.arguments[2];
if (typeof(referrerURI) == "string") {
@@ -1063,7 +1065,10 @@ var gBrowserInit = {
let referrerPolicy = (window.arguments[5] != undefined ?
window.arguments[5] : Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT);
loadURI(uriToLoad, referrerURI, window.arguments[3] || null,
- window.arguments[4] || false, referrerPolicy);
+ window.arguments[4] || false, referrerPolicy,
+ // pass the origin principal (if any) and force its use to create
+ // an initial about:blank viewer if present:
+ window.arguments[6], !!window.arguments[6], window.arguments[7]);
window.focus();
}
// Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3.
@@ -1952,7 +1957,9 @@ function BrowserTryToCloseWindow()
window.close(); // WindowIsClosing does all the necessary checks
}
-function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy) {
+function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy,
+ originPrincipal, forceAboutBlankViewerInCurrent,
+ triggeringPrincipal) {
if (postData === undefined)
postData = null;
@@ -1968,6 +1975,9 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy)
referrerURI: referrer,
referrerPolicy: referrerPolicy,
postData: postData,
+ originPrincipal: originPrincipal,
+ triggeringPrincipal: triggeringPrincipal,
+ forceAboutBlankViewerInCurrent: forceAboutBlankViewerInCurrent,
});
} catch (e) {}
}
@@ -4395,9 +4405,11 @@ nsBrowserAccess.prototype = {
}
let referrer = aOpener ? makeURI(aOpener.location.href) : null;
+ let triggeringPrincipal = null;
let referrerPolicy = Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT;
if (aOpener && aOpener.document) {
referrerPolicy = aOpener.document.referrerPolicy;
+ triggeringPrincipal = aOpener.document.nodePrincipal;
}
switch (aWhere) {
@@ -4437,6 +4449,7 @@ nsBrowserAccess.prototype = {
let referrer = aOpener ? makeURI(aOpener.location.href) : null;
let tab = win.gBrowser.loadOneTab(aURI ? aURI.spec : "about:blank", {
+ triggeringPrincipal: triggeringPrincipal,
referrerURI: referrer,
referrerPolicy: referrerPolicy,
fromExternal: isExternal,
@@ -4459,6 +4472,7 @@ nsBrowserAccess.prototype = {
Ci.nsIWebNavigation.LOAD_FLAGS_NONE;
gBrowser.loadURIWithFlags(aURI.spec, {
flags: loadflags,
+ triggeringPrincipal: triggeringPrincipal,
referrerURI: referrer,
referrerPolicy: referrerPolicy,
});
@@ -5192,7 +5206,9 @@ function handleLinkClick(event, href, linkNode) {
urlSecurityCheck(href, doc.nodePrincipal);
openLinkIn(href, where, { referrerURI: doc.documentURIObject,
charset: doc.characterSet,
- referrerPolicy: doc.referrerPolicy });
+ referrerPolicy: doc.referrerPolicy,
+ originPrincipal: doc.nodePrincipal,
+ triggeringPrincipal: doc.nodePrincipal });
event.preventDefault();
return true;
}
diff --git a/application/palemoon/base/content/nsContextMenu.js b/application/palemoon/base/content/nsContextMenu.js
index 738868ccb..19b2fac77 100644
--- a/application/palemoon/base/content/nsContextMenu.js
+++ b/application/palemoon/base/content/nsContextMenu.js
@@ -754,7 +754,9 @@ nsContextMenu.prototype = {
openLinkIn(this.linkURL, "window",
{ charset: doc.characterSet,
referrerURI: doc.documentURIObject,
- referrerPolicy: doc.referrerPolicy });
+ referrerPolicy: doc.referrerPolicy,
+ originPrincipal: doc.nodePrincipal,
+ triggeringPrincipal: doc.nodePrincipal });
},
// Open linked-to URL in a new private window.
@@ -765,6 +767,8 @@ nsContextMenu.prototype = {
{ charset: doc.characterSet,
referrerURI: doc.documentURIObject,
referrerPolicy: doc.referrerPolicy,
+ originPrincipal: doc.nodePrincipal,
+ triggeringPrincipal: doc.nodePrincipal,
private: true });
},
@@ -775,7 +779,9 @@ nsContextMenu.prototype = {
openLinkIn(this.linkURL, "tab",
{ charset: doc.characterSet,
referrerURI: doc.documentURIObject,
- referrerPolicy: doc.referrerPolicy });
+ referrerPolicy: doc.referrerPolicy,
+ originPrincipal: doc.nodePrincipal,
+ triggeringPrincipal: doc.nodePrincipal });
},
// open URL in current tab
@@ -784,7 +790,9 @@ nsContextMenu.prototype = {
urlSecurityCheck(this.linkURL, doc.nodePrincipal);
openLinkIn(this.linkURL, "current",
{ charset: doc.characterSet,
- referrerURI: doc.documentURIObject });
+ referrerURI: doc.documentURIObject,
+ originPrincipal: doc.nodePrincipal,
+ triggeringPrincipal: doc.nodePrincipal });
},
// Open frame in a new tab.
diff --git a/application/palemoon/base/content/tabbrowser.xml b/application/palemoon/base/content/tabbrowser.xml
index ea68d00ad..d5735149e 100644
--- a/application/palemoon/base/content/tabbrowser.xml
+++ b/application/palemoon/base/content/tabbrowser.xml
@@ -1313,13 +1313,16 @@
<parameter name="aAllowThirdPartyFixup"/>
<body>
<![CDATA[
+ var aTriggeringPrincipal;
var aReferrerPolicy;
var aFromExternal;
var aRelatedToCurrent;
+ var aOriginPrincipal;
if (arguments.length == 2 &&
typeof arguments[1] == "object" &&
!(arguments[1] instanceof Ci.nsIURI)) {
let params = arguments[1];
+ aTriggeringPrincipal = params.triggeringPrincipal;
aReferrerURI = params.referrerURI;
aReferrerPolicy = params.referrerPolicy;
aCharset = params.charset;
@@ -1328,12 +1331,14 @@
aAllowThirdPartyFixup = params.allowThirdPartyFixup;
aFromExternal = params.fromExternal;
aRelatedToCurrent = params.relatedToCurrent;
+ aOriginPrincipal = params.originPrincipal;
}
var bgLoad = (aLoadInBackground != null) ? aLoadInBackground :
Services.prefs.getBoolPref("browser.tabs.loadInBackground");
var owner = bgLoad ? null : this.selectedTab;
var tab = this.addTab(aURI, {
+ triggeringPrincipal: aTriggeringPrincipal,
referrerURI: aReferrerURI,
referrerPolicy: aReferrerPolicy,
charset: aCharset,
@@ -1341,6 +1346,7 @@
ownerTab: owner,
allowThirdPartyFixup: aAllowThirdPartyFixup,
fromExternal: aFromExternal,
+ originPrincipal: aOriginPrincipal,
relatedToCurrent: aRelatedToCurrent});
if (!bgLoad)
this.selectedTab = tab;
@@ -1461,14 +1467,17 @@
<body>
<![CDATA[
const NS_XUL = "http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul";
+ var aTriggeringPrincipal;
var aReferrerPolicy;
var aFromExternal;
var aRelatedToCurrent;
var aSkipAnimation;
+ var aOriginPrincipal;
if (arguments.length == 2 &&
typeof arguments[1] == "object" &&
!(arguments[1] instanceof Ci.nsIURI)) {
let params = arguments[1];
+ aTriggeringPrincipal = params.triggeringPrincipal;
aReferrerURI = params.referrerURI;
aReferrerPolicy = params.referrerPolicy;
aCharset = params.charset;
@@ -1478,6 +1487,7 @@
aFromExternal = params.fromExternal;
aRelatedToCurrent = params.relatedToCurrent;
aSkipAnimation = params.skipAnimation;
+ aOriginPrincipal = params.originPrincipal;
}
// if we're adding tabs, we're past interrupt mode, ditch the owner
@@ -1486,6 +1496,11 @@
var t = document.createElementNS(NS_XUL, "tab");
+ let aURIObject = null;
+ try {
+ aURIObject = Services.io.newURI(aURI || "about:blank");
+ } catch (ex) { /* we'll try to fix up this URL later */ }
+
var uriIsAboutBlank = !aURI || aURI == "about:blank";
if (!aURI || isBlankPageURL(aURI))
@@ -1625,6 +1640,16 @@
evt.initEvent("TabOpen", true, false);
t.dispatchEvent(evt);
+ if (aOriginPrincipal && aURI) {
+ let {URI_INHERITS_SECURITY_CONTEXT} = Ci.nsIProtocolHandler;
+ // Unless we know for sure we're not inheriting principals,
+ // force the about:blank viewer to have the right principal:
+ if (!aURIObject ||
+ (Services.io.getProtocolFlags(aURIObject.scheme) & URI_INHERITS_SECURITY_CONTEXT)) {
+ b.createAboutBlankContentViewer(aOriginPrincipal);
+ }
+ }
+
// If we didn't swap docShells with a preloaded browser
// then let's just continue loading the page normally.
if (!docShellsSwapped && !uriIsAboutBlank) {
@@ -1643,6 +1668,7 @@
try {
b.loadURIWithFlags(aURI, {
flags: flags,
+ triggeringPrincipal: aTriggeringPrincipal,
referrerURI: aReferrerURI,
referrerPolicy: aReferrerPolicy,
charset: aCharset,
diff --git a/application/palemoon/base/content/utilityOverlay.js b/application/palemoon/base/content/utilityOverlay.js
index 0b97c9ce1..2c1a95f83 100644
--- a/application/palemoon/base/content/utilityOverlay.js
+++ b/application/palemoon/base/content/utilityOverlay.js
@@ -230,6 +230,10 @@ function openLinkIn(url, where, params) {
var aDisallowInheritPrincipal = params.disallowInheritPrincipal;
var aInitiatingDoc = params.initiatingDoc;
var aIsPrivate = params.private;
+ var aPrincipal = params.originPrincipal;
+ var aTriggeringPrincipal = params.triggeringPrincipal;
+ var aForceAboutBlankViewerInCurrent =
+ params.forceAboutBlankViewerInCurrent;
var sendReferrerURI = true;
if (where == "save") {
@@ -254,6 +258,23 @@ function openLinkIn(url, where, params) {
// Note that if |w| is null we might have no current browser (we'll open a new window).
var aCurrentBrowser = params.currentBrowser || (w && w.gBrowser.selectedBrowser);
+ // Teach the principal about the right OA to use, e.g. in case when
+ // opening a link in a new private window.
+ // Please note we do not have to do that for SystemPrincipals and we
+ // can not do it for NullPrincipals since NullPrincipals are only
+ // identical if they actually are the same object (See Bug: 1346759)
+ function useOAForPrincipal(principal) {
+ if (principal && principal.isCodebasePrincipal) {
+ let attrs = {
+ privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)),
+ };
+ return Services.scriptSecurityManager.createCodebasePrincipal(principal.URI, attrs);
+ }
+ return principal;
+ }
+ aPrincipal = useOAForPrincipal(aPrincipal);
+ aTriggeringPrincipal = useOAForPrincipal(aTriggeringPrincipal);
+
if (!w || where == "window") {
// This propagates to window.arguments.
// Strip referrer data when opening a new private window, to prevent
@@ -297,6 +318,8 @@ function openLinkIn(url, where, params) {
sa.AppendElement(aPostData);
sa.AppendElement(allowThirdPartyFixupSupports);
sa.AppendElement(referrerPolicySupports);
+ sa.AppendElement(aPrincipal);
+ sa.AppendElement(aTriggeringPrincipal);
let features = "chrome,dialog=no,all";
if (aIsPrivate) {
@@ -314,10 +337,17 @@ function openLinkIn(url, where, params) {
getBoolPref("browser.tabs.loadInBackground");
}
+ let uriObj;
+ if (where == "current") {
+ try {
+ uriObj = Services.io.newURI(url, null, null);
+ } catch (e) {}
+ }
+
if (where == "current" && w.gBrowser.selectedTab.pinned) {
try {
- let uriObj = Services.io.newURI(url, null, null);
- if (!uriObj.schemeIs("javascript") &&
+ // nsIURI.host can throw for non-nsStandardURL nsIURIs.
+ if (!uriObj || !uriObj.schemeIs("javascript") &&
w.gBrowser.currentURI.host != uriObj.host) {
where = "tab";
loadInBackground = false;
@@ -345,11 +375,22 @@ function openLinkIn(url, where, params) {
if (aForceAllowDataURI) {
flags |= Ci.nsIWebNavigation.LOAD_FLAGS_FORCE_ALLOW_DATA_URI;
}
+ let {URI_INHERITS_SECURITY_CONTEXT} = Ci.nsIProtocolHandler;
+ if (aForceAboutBlankViewerInCurrent &&
+ (!uriObj ||
+ (Services.io.getProtocolFlags(uriObj.scheme) & URI_INHERITS_SECURITY_CONTEXT))) {
+ // Unless we know for sure we're not inheriting principals,
+ // force the about:blank viewer to have the right principal:
+ w.gBrowser.selectedBrowser.createAboutBlankContentViewer(aPrincipal);
+ }
+
w.gBrowser.loadURIWithFlags(url, {
flags: flags,
+ triggeringPrincipal: aTriggeringPrincipal,
referrerURI: aReferrerURI,
referrerPolicy: aReferrerPolicy,
postData: aPostData,
+ originPrincipal: aPrincipal,
});
browserUsedForLoad = aCurrentBrowser;
break;
@@ -365,7 +406,9 @@ function openLinkIn(url, where, params) {
postData: aPostData,
inBackground: loadInBackground,
allowThirdPartyFixup: aAllowThirdPartyFixup,
- relatedToCurrent: aRelatedToCurrent});
+ relatedToCurrent: aRelatedToCurrent,
+ originPrincipal: aPrincipal,
+ triggeringPrincipal: aTriggeringPrincipal });
browserUsedForLoad = tabUsedForLoad.linkedBrowser;
break;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 01:54:03 +0000