Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-11 12:25:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 163648 - Disable specific external protocol handlers with known security

Browse Source 
problems. r=darin, sr=dveditz.
This commit is contained in:
mstoltz%netscape.com 2002-10-09 00:54:43 +00:00
parent a568fd5506
commit 35ab60450f
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/libpref/src/init/all.js
View File

@ -417,6 +417,13 @@ pref("offline.news.download.use_days", 0);
// prevents necko connecting to ports 1-5 unless the protocol
// overrides.
// Prevent using external protocol handlers for these schemes
pref("network.protocol-handler.external.hcp", false);
pref("network.protocol-handler.external.vbscript", false);
pref("network.protocol-handler.external.javascript", false);
pref("network.protocol-handler.external.ms-help", false);
pref("network.protocol-handler.external.vnd.ms.radio", false);
pref("network.hosts.smtp_server", "mail");
pref("network.hosts.pop_server", "mail");
pref("network.protocols.useSystemDefaults", false); // set to true if user links should use system default handlers

13
netwerk/base/src/nsIOService.cpp
View File

@ -384,14 +384,17 @@ nsIOService::GetProtocolHandler(const char* scheme, nsIProtocolHandler* *result)
if (NS_SUCCEEDED(rv)) return NS_OK;
PRBool externalProtocol = PR_FALSE;
PRBool listedProtocol = PR_TRUE;
nsCOMPtr<nsIPrefBranch> prefBranch;
GetPrefBranch(getter_AddRefs(prefBranch));
if (prefBranch) {
nsCAutoString externalProtocolPref("network.protocol-handler.external.");
externalProtocolPref += scheme;
rv = prefBranch->GetBoolPref(externalProtocolPref.get(), &externalProtocol);
if (NS_FAILED(rv))
if (NS_FAILED(rv)) {
externalProtocol = PR_FALSE;
listedProtocol = PR_FALSE;
}
}
if (!externalProtocol) {
@ -400,10 +403,14 @@ nsIOService::GetProtocolHandler(const char* scheme, nsIProtocolHandler* *result)
ToLowerCase(contractID);
rv = CallGetService(contractID.get(), result);
// If the pref for this protocol was explicitly set to false,
// stop here and do not invoke the default handler.
if (NS_FAILED(rv) && listedProtocol)
return NS_ERROR_UNKNOWN_PROTOCOL;
}
if (externalProtocol || NS_FAILED(rv))
{
if (externalProtocol || NS_FAILED(rv)) {
// okay we don't have a protocol handler to handle this url type, so use the default protocol handler.
// this will cause urls to get dispatched out to the OS ('cause we can't do anything with them) when
// we try to read from a channel created by the default protocol handler.