Bug 163950 - allow opening connections for XML data transfer services when document.domain has been set. r=jst, sr=heikki.

mstoltz%netscape.com 2003-05-28 23:22:36 +00:00
parent 0ed8e8a306
commit 11919bb299
2 changed files with 17 additions and 5 deletions


@ -323,7 +323,8 @@ private:
nsresult nsresult
CheckSameOriginDOMProp(nsIPrincipal* aSubject, CheckSameOriginDOMProp(nsIPrincipal* aSubject,
nsIPrincipal* aObject, nsIPrincipal* aObject,
PRUint32 aAction); PRUint32 aAction,
PRBool aIsCheckConnect);
PRInt32 PRInt32
GetSecurityLevel(nsIPrincipal *principal, GetSecurityLevel(nsIPrincipal *principal,
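Review bot: The declaration of CheckSameOriginDOMProp gains `PRBool aIsCheckConnect` without any comment, although the flag decides whether part of a same-origin check is skipped. A line above the declaration such as `// aIsCheckConnect: PR_TRUE only for data-only connect checks; skips the document.domain symmetry requirement` would keep later callers from passing it casually. The GetSecurityLevel declaration that follows continues outside the hunk.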


@ -590,7 +590,8 @@ nsScriptSecurityManager::CheckSameOriginPrincipal(nsIPrincipal* aSourcePrincipal
nsIPrincipal* aTargetPrincipal) nsIPrincipal* aTargetPrincipal)
{ {
return CheckSameOriginDOMProp(aSourcePrincipal, aTargetPrincipal, return CheckSameOriginDOMProp(aSourcePrincipal, aTargetPrincipal,
nsIXPCSecurityManager::ACCESS_SET_PROPERTY); nsIXPCSecurityManager::ACCESS_SET_PROPERTY,
PR_FALSE);
} }
@ -724,7 +725,8 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
NS_ERROR("CheckPropertyAccessImpl called without a target object or URL"); NS_ERROR("CheckPropertyAccessImpl called without a target object or URL");
return NS_ERROR_FAILURE; return NS_ERROR_FAILURE;
} }
rv = CheckSameOriginDOMProp(subjectPrincipal, objectPrincipal, aAction); rv = CheckSameOriginDOMProp(subjectPrincipal, objectPrincipal,
aAction, (PRBool)aTargetURI);
break; break;
} }
default: default:
@ -849,7 +851,8 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
nsresult nsresult
nsScriptSecurityManager::CheckSameOriginDOMProp(nsIPrincipal* aSubject, nsScriptSecurityManager::CheckSameOriginDOMProp(nsIPrincipal* aSubject,
nsIPrincipal* aObject, nsIPrincipal* aObject,
PRUint32 aAction) PRUint32 aAction,
PRBool aIsCheckConnect)
{ {
nsresult rv; nsresult rv;
/* /*
@ -867,6 +870,14 @@ nsScriptSecurityManager::CheckSameOriginDOMProp(nsIPrincipal* aSubject,
// explicitly setting document.domain then the other must also have // explicitly setting document.domain then the other must also have
// done so in order to be considered the same origin. This prevents // done so in order to be considered the same origin. This prevents
// DNS spoofing based on document.domain (154930) // DNS spoofing based on document.domain (154930)
// But this restriction does not apply to CheckConnect calls, since
// that's called for data-only load checks like XMLHTTPRequest, where
// the target document has not yet loaded and can't have set its domain
// (bug 163950)
if (aIsCheckConnect)
return NS_OK;
nsCOMPtr<nsIAggregatePrincipal> subjectAgg(do_QueryInterface(aSubject, &rv)); nsCOMPtr<nsIAggregatePrincipal> subjectAgg(do_QueryInterface(aSubject, &rv));
NS_ENSURE_SUCCESS(rv, rv); NS_ENSURE_SUCCESS(rv, rv);
PRBool subjectSetDomain = PR_FALSE; PRBool subjectSetDomain = PR_FALSE;
@ -1206,7 +1217,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
} }
//-- If the schemes don't match, the policy is specified in this table. //-- If the schemes don't match, the policy is specified in this table.
enum Action { AllowProtocol, DenyProtocol, PrefControlled, ChromeProtocol }; enum Action { AllowProtocol, DenyProtocol, PrefControlled, ChromeProtocol};
static const struct static const struct
{ {
const char *name; const char *name;
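Review bot: The new `if (aIsCheckConnect) return NS_OK;` in CheckSameOriginDOMProp skips the document.domain symmetry check entirely, so its safety rests on the origin comparison that precedes it, which lies outside the hunk. If that comparison uses the subject's origin as modified by document.domain, a subject that changed its domain could pass the connect check against a host it would otherwise be denied. It is worth confirming that the connect path compares the subject's original host, and covering that case with a test. The flag itself is derived in CheckPropertyAccessImpl with `(PRBool)aTargetURI`, a pointer-to-integer cast that can truncate on platforms where pointers are wider than PRBool; `aTargetURI ? PR_TRUE : PR_FALSE` states the intent without depending on pointer width.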