From 28a3484e2b6ac0129ed173cdb4827f9de33c73c5 Mon Sep 17 00:00:00 2001
From: janekptacijarabaci <janekptacijarabaci@seznam.cz>
Date: Thu, 26 Apr 2018 12:36:58 +0200
Subject: Bug 1189073 - Handle entering 'localhost:12345' into the cookie
 exceptions dialog correctly

---
 .../palemoon/components/preferences/permissions.js        | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'application')

diff --git a/application/palemoon/components/preferences/permissions.js b/application/palemoon/components/preferences/permissions.js
index 03e07a916..8f559b0e0 100644
--- a/application/palemoon/components/preferences/permissions.js
+++ b/application/palemoon/components/preferences/permissions.js
@@ -86,14 +86,25 @@ var gPermissionManager = {
     var input_url = textbox.value.replace(/^\s*/, ""); // trim any leading space
     let principal;
     try {
-      // If the uri doesn't successfully parse, try adding a http:// and parsing again
+      // The origin accessor on the principal object will throw if the
+      // principal doesn't have a canonical origin representation. This will
+      // help catch cases where the URI parser parsed something like
+      // `localhost:8080` as having the scheme `localhost`, rather than being
+      // an invalid URI. A canonical origin representation is required by the
+      // permission manager for storage, so this won't prevent any valid
+      // permissions from being entered by the user.
       let uri;
       try {
         uri = Services.io.newURI(input_url, null, null);
+        principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
+        // If we have ended up with an unknown scheme, the following will throw.
+        principal.origin;
       } catch(ex) {
         uri = Services.io.newURI("http://" + input_url, null, null);
+        principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
+        // If we have ended up with an unknown scheme, the following will throw.
+        principal.origin;
       }
-      principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
     } catch(ex) {
       var message = this._bundle.getString("invalidURI");
       var title = this._bundle.getString("invalidURITitle");
-- 
cgit v1.2.3