mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 11:25:00 +00:00
Remove special-casing so non-chrome-principal pages, even with chrome: uris,
can have script disabled as needed. Bug 280120, r=peterv, sr=neil
This commit is contained in:
parent
002ef0d52b
commit
3a4edb10d6
@ -1514,25 +1514,6 @@ nsScriptSecurityManager::CanExecuteScripts(JSContext* cx,
|
|||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
//-- Always allow chrome pages to run scripts
|
|
||||||
// This is for about: URLs, which are chrome but don't
|
|
||||||
// have the system principal
|
|
||||||
if (!mIsJavaScriptEnabled)
|
|
||||||
{
|
|
||||||
nsCOMPtr<nsIURI> principalURI;
|
|
||||||
aPrincipal->GetURI(getter_AddRefs(principalURI));
|
|
||||||
if (principalURI)
|
|
||||||
{
|
|
||||||
PRBool isChrome = PR_FALSE;
|
|
||||||
principalURI->SchemeIs("chrome", &isChrome);
|
|
||||||
if (isChrome)
|
|
||||||
{
|
|
||||||
*result = PR_TRUE;
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
//-- See if the current window allows JS execution
|
//-- See if the current window allows JS execution
|
||||||
nsIScriptContext *scriptContext = GetScriptContext(cx);
|
nsIScriptContext *scriptContext = GetScriptContext(cx);
|
||||||
if (!scriptContext) return NS_ERROR_FAILURE;
|
if (!scriptContext) return NS_ERROR_FAILURE;
|
||||||
@ -1565,6 +1546,22 @@ nsScriptSecurityManager::CanExecuteScripts(JSContext* cx,
|
|||||||
} while (treeItem && docshell);
|
} while (treeItem && docshell);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OK, the docshell doesn't have script execution explicitly disabled.
|
||||||
|
// Check whether our URI is "about:". If it is, we need to allow JS to
|
||||||
|
// run... In this case, don't apply the JS enabled pref or policies.
|
||||||
|
nsCOMPtr<nsIURI> principalURI;
|
||||||
|
aPrincipal->GetURI(getter_AddRefs(principalURI));
|
||||||
|
if (principalURI)
|
||||||
|
{
|
||||||
|
nsCAutoString spec;
|
||||||
|
principalURI->GetSpec(spec);
|
||||||
|
if (spec.EqualsLiteral("about:"))
|
||||||
|
{
|
||||||
|
*result = PR_TRUE;
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
//-- See if JS is disabled globally (via prefs)
|
//-- See if JS is disabled globally (via prefs)
|
||||||
*result = mIsJavaScriptEnabled;
|
*result = mIsJavaScriptEnabled;
|
||||||
if (mIsJavaScriptEnabled != mIsMailJavaScriptEnabled && globalObjTreeItem)
|
if (mIsJavaScriptEnabled != mIsMailJavaScriptEnabled && globalObjTreeItem)
|
||||||
|
Loading…
Reference in New Issue
Block a user