mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 05:41:12 +00:00
Bug 1340710 - Part 4: Fix nsIPrincipal::GetOrigin()'s handling of non-strict file:// URI origin policy; r=bholley
This commit is contained in:
parent
f3dc163eaf
commit
57d1fd125b
@ -138,6 +138,14 @@ nsPrincipal::GetOriginInternal(nsACString& aOrigin)
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
if (!nsScriptSecurityManager::GetStrictFileOriginPolicy() &&
|
||||
NS_URIIsLocalFile(origin)) {
|
||||
// If strict file origin policy is not in effect, all local files are
|
||||
// considered to be same-origin, so return a known dummy origin here.
|
||||
aOrigin.AssignLiteral("file://UNIVERSAL_FILE_URI_ORIGIN");
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoCString hostPort;
|
||||
|
||||
// chrome: URLs don't have a meaningful origin, so make
|
||||
|
@ -286,4 +286,16 @@ function run_test() {
|
||||
do_check_eq(ChromeUtils.originAttributesToSuffix(mod), t[3]);
|
||||
});
|
||||
|
||||
var fileURI = makeURI('file:///foo/bar').QueryInterface(Ci.nsIFileURL);
|
||||
var fileTests = [
|
||||
[true, fileURI.spec],
|
||||
[false, "file://UNIVERSAL_FILE_URI_ORIGIN"],
|
||||
];
|
||||
fileTests.forEach(t => {
|
||||
Services.prefs.setBoolPref("security.fileuri.strict_origin_policy", t[0]);
|
||||
var filePrin = ssm.createCodebasePrincipal(fileURI, {});
|
||||
do_check_eq(filePrin.origin, t[1]);
|
||||
});
|
||||
Services.prefs.clearUserPref("security.fileuri.strict_origin_policy");
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user