mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 07:15:46 +00:00
Bug 1496220 - 2. Default to null triggering principal for GeckoView.loadUri; r=esawin
For improved security, default to a null triggering principal for GeckoView.loadUri calls, except when loading certain privileged schemes such as "resource" and "file". Differential Revision: https://phabricator.services.mozilla.com/D7785 --HG-- extra : moz-landing-system : lando
This commit is contained in:
parent
fa3bbf2ab4
commit
1ba080f4c2
@ -2,6 +2,6 @@
|
||||
<head><title>Hello, world!</title></head>
|
||||
<body>
|
||||
<a id="targetBlankLink" target="_blank" href="newSession_child.html">target="_blank"</a>
|
||||
<a id="noOpenerLink" target="_blank" rel="noopener" href="newSession_child.html">rel="noopener"</a>
|
||||
<a id="noOpenerLink" target="_blank" rel="noopener" href="http://example.com">rel="noopener"</a>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -73,9 +73,25 @@ class GeckoViewNavigation extends GeckoViewModule {
|
||||
navFlags |= Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_POPUPS;
|
||||
}
|
||||
|
||||
this.browser.loadURI(uri, {
|
||||
let parsedUri;
|
||||
let triggeringPrincipal;
|
||||
try {
|
||||
parsedUri = Services.io.newURI(uri);
|
||||
if (parsedUri.schemeIs("about") || parsedUri.schemeIs("data") ||
|
||||
parsedUri.schemeIs("file") || parsedUri.schemeIs("resource")) {
|
||||
// Only allow privileged loading for certain URIs.
|
||||
triggeringPrincipal = Services.scriptSecurityManager.getSystemPrincipal();
|
||||
}
|
||||
} catch (ignored) {
|
||||
}
|
||||
if (!triggeringPrincipal) {
|
||||
triggeringPrincipal = Services.scriptSecurityManager.createNullPrincipal({});
|
||||
}
|
||||
|
||||
this.browser.loadURI(parsedUri ? parsedUri.spec : uri, {
|
||||
flags: navFlags,
|
||||
referrerURI: referrer,
|
||||
triggeringPrincipal,
|
||||
});
|
||||
break;
|
||||
case "GeckoView:Reload":
|
||||
|
Loading…
Reference in New Issue
Block a user