mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-02 01:48:05 +00:00
Bug 797385 - Part 1: Rename isXSSVlunerable flag to isInternal and add the flag to ibm864. r=smontagu
This commit is contained in:
parent
d84353a588
commit
59629fa35f
@ -87,7 +87,7 @@ interface nsICharsetConverterManager : nsISupports
|
||||
* notForOutgoing - not to be used for exporting files.
|
||||
* LangGroup - language code for charset, e.g. 'he' and 'zh-CN'.
|
||||
* isMultibyte - is this a multi-byte charset?
|
||||
* isXSSVulnerable - not to be used in untrusted web content
|
||||
* isInternal - not to be used in untrusted web content.
|
||||
*
|
||||
* @param aCharset name of the character encoding, e.g. 'iso-8859-15'.
|
||||
* @param aProp property desired for the character encoding.
|
||||
|
@ -74,8 +74,8 @@ interface nsIScriptableUnicodeConverter : nsISupports
|
||||
* Internal use
|
||||
*
|
||||
* When this attribute is set, all charsets may be accessed.
|
||||
* When it is not set (the default), charsets with the isXSSVulnerable flag
|
||||
* may not be accessed
|
||||
* When it is not set (the default), charsets with the isInternal flag
|
||||
* may not be accessed.
|
||||
*/
|
||||
attribute boolean isInternal;
|
||||
};
|
||||
|
@ -13,9 +13,9 @@
|
||||
## charset_name.notForOutgoing = anything - specifies that this charset is
|
||||
## not to be used for exporting files ('SaveAsCharset' in composer)
|
||||
##
|
||||
## charset_name.isXSSVulnerable = anything - specifies that this charset is
|
||||
## known to be vulnerable to XSS attacks and should not be exposed to web
|
||||
## content
|
||||
## charset_name.isInternal = anything - specifies that this charset should
|
||||
## not be exposed to web content because of the vulnerability to XSS attacks
|
||||
## or some other reasons
|
||||
##
|
||||
## charset_name.LangGroup =
|
||||
##
|
||||
@ -41,31 +41,33 @@ ibm869.notForBrowser = true
|
||||
ibm1125.notForBrowser = true
|
||||
ibm1131.notForBrowser = true
|
||||
|
||||
# charset with isXSSVulnerable
|
||||
# charset with isInternal
|
||||
x-mac-arabic.notForBrowser = true
|
||||
x-mac-farsi.notForBrowser = true
|
||||
x-mac-hebrew.notForBrowser = true
|
||||
x-imap4-modified-utf7.notForBrowser = true
|
||||
utf-7.notForBrowser = true
|
||||
ibm864.notForBrowser = true
|
||||
|
||||
x-mac-arabic.isXSSVulnerable = true
|
||||
x-mac-farsi.isXSSVulnerable = true
|
||||
x-mac-hebrew.isXSSVulnerable = true
|
||||
x-imap4-modified-utf7.isXSSVulnerable = true
|
||||
utf-7.isXSSVulnerable = true
|
||||
t.61-8bit.isXSSVulnerable = true
|
||||
x-mac-arabic.isInternal = true
|
||||
x-mac-farsi.isInternal = true
|
||||
x-mac-hebrew.isInternal = true
|
||||
x-imap4-modified-utf7.isInternal = true
|
||||
utf-7.isInternal = true
|
||||
t.61-8bit.isInternal = true
|
||||
ibm864.isInternal = true
|
||||
|
||||
t.61-8bit.notForOutgoing = true
|
||||
utf-7.notForOutgoing = true
|
||||
x-imap4-modified-utf7.notForOutgoing = true
|
||||
us-ascii.notForOutgoing = true
|
||||
iso-8859-6-e.notForOutgoing = true
|
||||
iso-8859-6-i.notForOutgoing = true
|
||||
ibm864i.notForOutgoing = true
|
||||
ibm869.notForOutgoing = true
|
||||
ibm1125.notForOutgoing = true
|
||||
ibm1131.notForOutgoing = true
|
||||
iso-8859-8-e.notForOutgoing = true
|
||||
t.61-8bit.notForOutgoing = true
|
||||
utf-7.notForOutgoing = true
|
||||
x-imap4-modified-utf7.notForOutgoing = true
|
||||
us-ascii.notForOutgoing = true
|
||||
iso-8859-6-e.notForOutgoing = true
|
||||
iso-8859-6-i.notForOutgoing = true
|
||||
ibm864i.notForOutgoing = true
|
||||
ibm869.notForOutgoing = true
|
||||
ibm1125.notForOutgoing = true
|
||||
ibm1131.notForOutgoing = true
|
||||
iso-8859-8-e.notForOutgoing = true
|
||||
iso-8859-8.notForOutgoing = true
|
||||
iso-2022-kr.notForOutgoing = true
|
||||
x-windows-949.notForOutgoing = true
|
||||
|
@ -117,7 +117,7 @@ bool nsCharsetConverterManager::IsInternal(const nsACString& aCharset)
|
||||
nsAutoString str;
|
||||
// fully qualify to possibly avoid vtable call
|
||||
nsresult rv = GetCharsetDataImpl(PromiseFlatCString(aCharset).get(),
|
||||
NS_LITERAL_STRING(".isXSSVulnerable").get(),
|
||||
NS_LITERAL_STRING(".isInternal").get(),
|
||||
str);
|
||||
|
||||
return NS_SUCCEEDED(rv);
|
||||
|
Loading…
Reference in New Issue
Block a user