Bug 797385 - Part 1: Rename isXSSVlunerable flag to isInternal and add the flag to ibm864. r=smontagu

This commit is contained in:
Masatoshi Kimura 2012-10-10 06:32:36 -04:00
parent d84353a588
commit 59629fa35f
4 changed files with 27 additions and 25 deletions

View File

@ -87,7 +87,7 @@ interface nsICharsetConverterManager : nsISupports
* notForOutgoing - not to be used for exporting files.
* LangGroup - language code for charset, e.g. 'he' and 'zh-CN'.
* isMultibyte - is this a multi-byte charset?
* isXSSVulnerable - not to be used in untrusted web content
* isInternal - not to be used in untrusted web content.
*
* @param aCharset name of the character encoding, e.g. 'iso-8859-15'.
* @param aProp property desired for the character encoding.

View File

@ -74,8 +74,8 @@ interface nsIScriptableUnicodeConverter : nsISupports
* Internal use
*
* When this attribute is set, all charsets may be accessed.
* When it is not set (the default), charsets with the isXSSVulnerable flag
* may not be accessed
* When it is not set (the default), charsets with the isInternal flag
* may not be accessed.
*/
attribute boolean isInternal;
};

View File

@ -13,9 +13,9 @@
## charset_name.notForOutgoing = anything - specifies that this charset is
## not to be used for exporting files ('SaveAsCharset' in composer)
##
## charset_name.isXSSVulnerable = anything - specifies that this charset is
## known to be vulnerable to XSS attacks and should not be exposed to web
## content
## charset_name.isInternal = anything - specifies that this charset should
## not be exposed to web content because of the vulnerability to XSS attacks
## or some other reasons
##
## charset_name.LangGroup =
##
@ -41,31 +41,33 @@ ibm869.notForBrowser = true
ibm1125.notForBrowser = true
ibm1131.notForBrowser = true
# charset with isXSSVulnerable
# charset with isInternal
x-mac-arabic.notForBrowser = true
x-mac-farsi.notForBrowser = true
x-mac-hebrew.notForBrowser = true
x-imap4-modified-utf7.notForBrowser = true
utf-7.notForBrowser = true
ibm864.notForBrowser = true
x-mac-arabic.isXSSVulnerable = true
x-mac-farsi.isXSSVulnerable = true
x-mac-hebrew.isXSSVulnerable = true
x-imap4-modified-utf7.isXSSVulnerable = true
utf-7.isXSSVulnerable = true
t.61-8bit.isXSSVulnerable = true
x-mac-arabic.isInternal = true
x-mac-farsi.isInternal = true
x-mac-hebrew.isInternal = true
x-imap4-modified-utf7.isInternal = true
utf-7.isInternal = true
t.61-8bit.isInternal = true
ibm864.isInternal = true
t.61-8bit.notForOutgoing = true
utf-7.notForOutgoing = true
x-imap4-modified-utf7.notForOutgoing = true
us-ascii.notForOutgoing = true
iso-8859-6-e.notForOutgoing = true
iso-8859-6-i.notForOutgoing = true
ibm864i.notForOutgoing = true
ibm869.notForOutgoing = true
ibm1125.notForOutgoing = true
ibm1131.notForOutgoing = true
iso-8859-8-e.notForOutgoing = true
t.61-8bit.notForOutgoing = true
utf-7.notForOutgoing = true
x-imap4-modified-utf7.notForOutgoing = true
us-ascii.notForOutgoing = true
iso-8859-6-e.notForOutgoing = true
iso-8859-6-i.notForOutgoing = true
ibm864i.notForOutgoing = true
ibm869.notForOutgoing = true
ibm1125.notForOutgoing = true
ibm1131.notForOutgoing = true
iso-8859-8-e.notForOutgoing = true
iso-8859-8.notForOutgoing = true
iso-2022-kr.notForOutgoing = true
x-windows-949.notForOutgoing = true

View File

@ -117,7 +117,7 @@ bool nsCharsetConverterManager::IsInternal(const nsACString& aCharset)
nsAutoString str;
// fully qualify to possibly avoid vtable call
nsresult rv = GetCharsetDataImpl(PromiseFlatCString(aCharset).get(),
NS_LITERAL_STRING(".isXSSVulnerable").get(),
NS_LITERAL_STRING(".isInternal").get(),
str);
return NS_SUCCEEDED(rv);