mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-10 11:55:49 +00:00
Bug 656815: make loading javascript: URIs in a docshell work for DISALLOW_INHERIT_OWNER loads, r=bz
--HG-- extra : rebase_source : 6b0e289ac80ffab967813b06e2e28f2842921b70
This commit is contained in:
parent
0a1ed803a8
commit
479d8a0b0c
@ -7,21 +7,15 @@ function test() {
|
||||
nextTest();
|
||||
}
|
||||
|
||||
let gTests = [
|
||||
// XXX bug 656815: javascript: URIs can't currently execute without inheriting
|
||||
// the page principal
|
||||
// {
|
||||
// url: "javascript:document.domain;"
|
||||
// },
|
||||
{
|
||||
url: "data:text/html,<script>document.write(document.domain);</script>"
|
||||
},
|
||||
let urls = [
|
||||
"javascript:'foopy';",
|
||||
"data:text/html,<script>document.write(document.domain);</script>"
|
||||
];
|
||||
|
||||
function nextTest() {
|
||||
let test = gTests.shift();
|
||||
if (test)
|
||||
testURL(test.url, nextTest);
|
||||
let url = urls.shift();
|
||||
if (url)
|
||||
testURL(url, nextTest);
|
||||
else
|
||||
finish();
|
||||
}
|
||||
|
@ -1389,9 +1389,14 @@ nsDocShell::LoadURI(nsIURI * aURI,
|
||||
}
|
||||
}
|
||||
|
||||
if (aLoadFlags & LOAD_FLAGS_DISALLOW_INHERIT_OWNER) {
|
||||
inheritOwner = PR_FALSE;
|
||||
owner = do_CreateInstance("@mozilla.org/nullprincipal;1");
|
||||
}
|
||||
|
||||
PRUint32 flags = 0;
|
||||
|
||||
if (inheritOwner && !(aLoadFlags & LOAD_FLAGS_DISALLOW_INHERIT_OWNER))
|
||||
if (inheritOwner)
|
||||
flags |= INTERNAL_LOAD_FLAGS_INHERIT_OWNER;
|
||||
|
||||
if (!sendReferrer)
|
||||
|
@ -22,27 +22,42 @@ function test() {
|
||||
}
|
||||
|
||||
// Load a normal http URL
|
||||
loadURL("http://example.com/", 0, function () {
|
||||
let pagePrincipal = browser.contentPrincipal;
|
||||
function testURL(url, func) {
|
||||
loadURL("http://example.com/", 0, function () {
|
||||
let pagePrincipal = browser.contentPrincipal;
|
||||
ok(pagePrincipal, "got principal for http:// page");
|
||||
|
||||
// Now load a data URI normally
|
||||
loadURL("data:text/html,<body>inherit", 0, function () {
|
||||
let dataPrincipal = browser.contentPrincipal;
|
||||
ok(dataPrincipal.equals(pagePrincipal), "data URI should inherit principal");
|
||||
// Now load the URL normally
|
||||
loadURL(url, 0, function () {
|
||||
ok(browser.contentPrincipal.equals(pagePrincipal), url + " should inherit principal");
|
||||
|
||||
// Load a normal http URL
|
||||
loadURL("http://example.com/", 0, function () {
|
||||
let innerPagePrincipal = browser.contentPrincipal;
|
||||
|
||||
// Now load a data URI and disallow inheriting the principal
|
||||
// Now load the URL and disallow inheriting the principal
|
||||
let webNav = Components.interfaces.nsIWebNavigation;
|
||||
loadURL("data:text/html,<body>noinherit", webNav.LOAD_FLAGS_DISALLOW_INHERIT_OWNER, function () {
|
||||
let innerDataPrincipal = browser.contentPrincipal;
|
||||
ok(!innerDataPrincipal.equals(innerPagePrincipal), "data URI should not inherit principal");
|
||||
|
||||
finish();
|
||||
loadURL(url, webNav.LOAD_FLAGS_DISALLOW_INHERIT_OWNER, function () {
|
||||
let newPrincipal = browser.contentPrincipal;
|
||||
ok(newPrincipal, "got inner principal");
|
||||
ok(!newPrincipal.equals(pagePrincipal),
|
||||
url + " should not inherit principal when loaded with DISALLOW_INHERIT_OWNER");
|
||||
|
||||
func();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
let urls = [
|
||||
"data:text/html,<body>hi",
|
||||
"javascript:1;"
|
||||
];
|
||||
|
||||
function nextTest() {
|
||||
let url = urls.shift();
|
||||
if (url)
|
||||
testURL(url, nextTest);
|
||||
else
|
||||
finish();
|
||||
}
|
||||
|
||||
nextTest();
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user