From 8b7daa5369f74b4402f0912c0c64be474f053b0a Mon Sep 17 00:00:00 2001
From: Kyle Machulis
Date: Sat, 20 Jul 2019 15:27:48 +0200
Subject: Don't allow cross-origin POST redirects on 308 codes.
We already don't allow cross origin POST redirects on 307 redirects; this adds extra guards to make sure we don't allow them on 308s either.
---
 dom/plugins/base/nsPluginStreamListenerPeer.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dom/plugins/base/nsPluginStreamListenerPeer.cpp b/dom/plugins/base/nsPluginStreamListenerPeer.cpp
index 665e11ec1..0476315d5 100644
--- a/dom/plugins/base/nsPluginStreamListenerPeer.cpp
+++ b/dom/plugins/base/nsPluginStreamListenerPeer.cpp
@@ -1381,7 +1381,7 @@ nsPluginStreamListenerPeer::AsyncOnChannelRedirect(nsIChannel *oldChannel, nsICh
 return NS_ERROR_FAILURE;
 }
- // Don't allow cross-origin 307 POST redirects.
+ // Don't allow cross-origin 307/308 POST redirects.
 nsCOMPtr oldHttpChannel(do_QueryInterface(oldChannel));
 if (oldHttpChannel) {
 uint32_t responseStatus;
@@ -1389,7 +1389,7 @@ nsPluginStreamListenerPeer::AsyncOnChannelRedirect(nsIChannel *oldChannel, nsICh
 if (NS_FAILED(rv)) {
 return rv;
 }
- if (responseStatus == 307) {
+ if (responseStatus == 307 || responseStatus == 308) {
 nsAutoCString method;
 rv = oldHttpChannel->GetRequestMethod(method);
 if (NS_FAILED(rv)) {
--
cgit v1.2.3
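Review bot: The new condition `responseStatus == 307 || responseStatus == 308` in the second hunk never says why these two codes are singled out, and the comment updated in the first hunk only restates the check. Both codes make the client repeat the request with the same method and body, so the comment could record that: `// 307 and 308 preserve the request method and body; never let a POST follow one to another origin.` The method comparison and the origin check fall outside the hunk, so it cannot be confirmed from here whether other body-carrying methods such as PUT are also refused; that is worth checking while this guard is being touched. AsyncOnChannelRedirect begins and ends outside both hunks.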