mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 13:51:41 +00:00
Bug 789224 - Remove miscellaneous UniversalXPConnect checks sprinkled throughout gecko. r=mrbkap
This commit is contained in:
parent
664f20a153
commit
66fe81e49a
@ -1537,11 +1537,7 @@ nsContentUtils::Shutdown()
|
||||
bool
|
||||
nsContentUtils::CallerHasUniversalXPConnect()
|
||||
{
|
||||
bool hasCap;
|
||||
if (NS_FAILED(sSecurityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&hasCap)))
|
||||
return false;
|
||||
return hasCap;
|
||||
return IsCallerChrome();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1782,8 +1778,12 @@ nsContentUtils::IsCallerChrome()
|
||||
if (NS_FAILED(rv)) {
|
||||
return false;
|
||||
}
|
||||
if (is_caller_chrome) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return is_caller_chrome;
|
||||
// If the check failed, look for UniversalXPConnect on the cx compartment.
|
||||
return xpc::IsUniversalXPConnectEnabled(GetCurrentJSContext());
|
||||
}
|
||||
|
||||
bool
|
||||
|
@ -324,15 +324,9 @@ GetInitArgs(JSContext *cx, uint32_t argc, jsval *argv,
|
||||
nsIPrincipal** aPrincipal, nsIURI** aDocumentURI,
|
||||
nsIURI** aBaseURI)
|
||||
{
|
||||
// Only proceed if the caller has UniversalXPConnect.
|
||||
bool haveUniversalXPConnect;
|
||||
nsresult rv = nsContentUtils::GetSecurityManager()->
|
||||
IsCapabilityEnabled("UniversalXPConnect", &haveUniversalXPConnect);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (!haveUniversalXPConnect) {
|
||||
if (!nsContentUtils::IsCallerChrome()) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
}
|
||||
|
||||
nsIXPConnect* xpc = nsContentUtils::XPConnect();
|
||||
|
||||
|
@ -2310,14 +2310,9 @@ nsINode::WrapObject(JSContext *aCx, JSObject *aScope, bool *aTriedToWrap)
|
||||
// If the document has never had a script handling object, untrusted
|
||||
// scripts (3) shouldn't touch it!
|
||||
bool hasHadScriptHandlingObject = false;
|
||||
bool enabled;
|
||||
nsIScriptSecurityManager* securityManager;
|
||||
if (!OwnerDoc()->GetScriptHandlingObject(hasHadScriptHandlingObject) &&
|
||||
!hasHadScriptHandlingObject &&
|
||||
!((securityManager = nsContentUtils::GetSecurityManager()) &&
|
||||
NS_SUCCEEDED(securityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&enabled)) &&
|
||||
enabled)) {
|
||||
!nsContentUtils::IsCallerChrome()) {
|
||||
Throw<true>(aCx, NS_ERROR_UNEXPECTED);
|
||||
*aTriedToWrap = true;
|
||||
return nullptr;
|
||||
|
@ -174,15 +174,6 @@ static void AddLoadFlags(nsIRequest *request, nsLoadFlags newFlags)
|
||||
request->SetLoadFlags(flags);
|
||||
}
|
||||
|
||||
static nsresult IsCapabilityEnabled(const char *capability, bool *enabled)
|
||||
{
|
||||
nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager();
|
||||
if (!secMan)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
return secMan->IsCapabilityEnabled(capability, enabled);
|
||||
}
|
||||
|
||||
// Helper proxy class to be used when expecting an
|
||||
// multipart/x-mixed-replace stream of XML documents.
|
||||
|
||||
@ -1475,9 +1466,7 @@ nsXMLHttpRequest::GetResponseHeader(const nsACString& header,
|
||||
}
|
||||
|
||||
// See bug #380418. Hide "Set-Cookie" headers from non-chrome scripts.
|
||||
bool chrome = false; // default to false in case IsCapabilityEnabled fails
|
||||
IsCapabilityEnabled("UniversalXPConnect", &chrome);
|
||||
if (!chrome &&
|
||||
if (!nsContentUtils::IsCallerChrome() &&
|
||||
(header.LowerCaseEqualsASCII("set-cookie") ||
|
||||
header.LowerCaseEqualsASCII("set-cookie2"))) {
|
||||
NS_WARNING("blocked access to response header");
|
||||
@ -3192,13 +3181,9 @@ nsXMLHttpRequest::SetRequestHeader(const nsACString& header,
|
||||
}
|
||||
|
||||
// Prevent modification to certain HTTP headers (see bug 302263), unless
|
||||
// the executing script has UniversalXPConnect.
|
||||
// the executing script is privileged.
|
||||
|
||||
bool privileged;
|
||||
if (NS_FAILED(IsCapabilityEnabled("UniversalXPConnect", &privileged)))
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
if (!privileged) {
|
||||
if (!nsContentUtils::IsCallerChrome()) {
|
||||
// Step 5: Check for dangerous headers.
|
||||
const char *kInvalidHeaders[] = {
|
||||
"accept-charset", "accept-encoding", "access-control-request-headers",
|
||||
@ -3423,13 +3408,7 @@ nsXMLHttpRequest::SetMozBackgroundRequest(bool aMozBackgroundRequest)
|
||||
void
|
||||
nsXMLHttpRequest::SetMozBackgroundRequest(bool aMozBackgroundRequest, nsresult& aRv)
|
||||
{
|
||||
bool privileged;
|
||||
aRv = IsCapabilityEnabled("UniversalXPConnect", &privileged);
|
||||
if (NS_FAILED(aRv)) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!privileged) {
|
||||
if (!nsContentUtils::IsCallerChrome()) {
|
||||
aRv = NS_ERROR_DOM_SECURITY_ERR;
|
||||
return;
|
||||
}
|
||||
@ -4030,9 +4009,7 @@ NS_IMETHODIMP nsXMLHttpRequest::
|
||||
nsHeaderVisitor::VisitHeader(const nsACString &header, const nsACString &value)
|
||||
{
|
||||
// See bug #380418. Hide "Set-Cookie" headers from non-chrome scripts.
|
||||
bool chrome = false; // default to false in case IsCapabilityEnabled fails
|
||||
IsCapabilityEnabled("UniversalXPConnect", &chrome);
|
||||
if (!chrome &&
|
||||
if (!nsContentUtils::IsCallerChrome() &&
|
||||
(header.LowerCaseEqualsASCII("set-cookie") ||
|
||||
header.LowerCaseEqualsASCII("set-cookie2"))) {
|
||||
NS_WARNING("blocked access to response header");
|
||||
|
@ -472,12 +472,7 @@ nsDOMEvent::InitEvent(const nsAString& aEventTypeArg, bool aCanBubbleArg, bool a
|
||||
|
||||
if (NS_IS_TRUSTED_EVENT(mEvent)) {
|
||||
// Ensure the caller is permitted to dispatch trusted DOM events.
|
||||
|
||||
bool enabled = false;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
IsCapabilityEnabled("UniversalXPConnect", &enabled);
|
||||
|
||||
if (!enabled) {
|
||||
if (!nsContentUtils::IsCallerChrome()) {
|
||||
SetTrusted(false);
|
||||
}
|
||||
}
|
||||
|
@ -723,19 +723,8 @@ nsXBLContentSink::ConstructImplementation(const PRUnichar **aAtts)
|
||||
}
|
||||
else if (localName == nsGkAtoms::implements) {
|
||||
// Only allow implementation of interfaces via XBL if the principal of
|
||||
// our XBL document has UniversalXPConnect privileges. No principal
|
||||
// means no privs!
|
||||
|
||||
// XXX this api is so badly tied to JS it's not even funny. We don't
|
||||
// have a concept of enabling capabilities on a per-principal basis,
|
||||
// but only on a per-principal-and-JS-stackframe basis! So for now
|
||||
// this is basically equivalent to testing that we have the system
|
||||
// principal, since there is no JS stackframe in sight here...
|
||||
bool hasUniversalXPConnect;
|
||||
nsresult rv = mDocument->NodePrincipal()->
|
||||
IsCapabilityEnabled("UniversalXPConnect", nullptr,
|
||||
&hasUniversalXPConnect);
|
||||
if (NS_SUCCEEDED(rv) && hasUniversalXPConnect) {
|
||||
// our XBL document is the system principal.
|
||||
if (nsContentUtils::IsSystemPrincipal(mDocument->NodePrincipal())) {
|
||||
mBinding->ConstructInterfaceTable(nsDependentString(aAtts[1]));
|
||||
}
|
||||
}
|
||||
|
@ -1338,28 +1338,12 @@ nsXULDocument::Persist(const nsAString& aID,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
bool
|
||||
nsXULDocument::IsCapabilityEnabled(const char* aCapabilityLabel)
|
||||
{
|
||||
nsresult rv;
|
||||
|
||||
// NodePrincipal is guarantied to be non-null
|
||||
bool enabled = false;
|
||||
rv = NodePrincipal()->IsCapabilityEnabled(aCapabilityLabel, nullptr, &enabled);
|
||||
if (NS_FAILED(rv))
|
||||
return false;
|
||||
|
||||
return enabled;
|
||||
}
|
||||
|
||||
|
||||
nsresult
|
||||
nsXULDocument::Persist(nsIContent* aElement, int32_t aNameSpaceID,
|
||||
nsIAtom* aAttribute)
|
||||
{
|
||||
// For non-chrome documents, persistance is simply broken
|
||||
if (!IsCapabilityEnabled("UniversalXPConnect"))
|
||||
if (!nsContentUtils::IsSystemPrincipal(NodePrincipal()))
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
// First make sure we _have_ a local store to stuff the persisted
|
||||
@ -2109,7 +2093,7 @@ nsresult
|
||||
nsXULDocument::ApplyPersistentAttributes()
|
||||
{
|
||||
// For non-chrome documents, persistance is simply broken
|
||||
if (!IsCapabilityEnabled("UniversalXPConnect"))
|
||||
if (!nsContentUtils::IsSystemPrincipal(NodePrincipal()))
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
|
||||
// Add all of the 'persisted' attributes into the content
|
||||
|
@ -245,9 +245,6 @@ protected:
|
||||
|
||||
static PRLogModuleInfo* gXULLog;
|
||||
|
||||
bool
|
||||
IsCapabilityEnabled(const char* aCapabilityLabel);
|
||||
|
||||
nsresult
|
||||
Persist(nsIContent* aElement, int32_t aNameSpaceID, nsIAtom* aAttribute);
|
||||
|
||||
|
@ -1661,26 +1661,10 @@ bool
|
||||
nsDocShell::ValidateOrigin(nsIDocShellTreeItem* aOriginTreeItem,
|
||||
nsIDocShellTreeItem* aTargetTreeItem)
|
||||
{
|
||||
nsCOMPtr<nsIScriptSecurityManager> securityManager =
|
||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
|
||||
NS_ENSURE_TRUE(securityManager, false);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> subjectPrincipal;
|
||||
nsresult rv =
|
||||
securityManager->GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
|
||||
if (subjectPrincipal) {
|
||||
// We're called from JS, check if UniversalXPConnect is
|
||||
// enabled.
|
||||
bool ubwEnabled = false;
|
||||
rv = securityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&ubwEnabled);
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
|
||||
if (ubwEnabled) {
|
||||
return true;
|
||||
}
|
||||
// We want to bypass this check for chrome callers, but only if there's
|
||||
// JS on the stack. System callers still need to do it.
|
||||
if (nsContentUtils::GetCurrentJSContext() && nsContentUtils::IsCallerChrome()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Get origin document principal
|
||||
@ -1692,8 +1676,8 @@ nsDocShell::ValidateOrigin(nsIDocShellTreeItem* aOriginTreeItem,
|
||||
NS_ENSURE_TRUE(targetDocument, false);
|
||||
|
||||
bool equal;
|
||||
rv = originDocument->NodePrincipal()->
|
||||
Equals(targetDocument->NodePrincipal(), &equal);
|
||||
nsresult rv = originDocument->NodePrincipal()->Equals(targetDocument->NodePrincipal(),
|
||||
&equal);
|
||||
if (NS_SUCCEEDED(rv) && equal) {
|
||||
return true;
|
||||
}
|
||||
@ -8187,21 +8171,13 @@ nsDocShell::CheckLoadingPermissions()
|
||||
return rv;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIScriptSecurityManager> securityManager =
|
||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// We're a frame. Check that the caller has write permission to
|
||||
// the parent before allowing it to load anything into this
|
||||
// docshell.
|
||||
|
||||
nsCOMPtr<nsIScriptSecurityManager> securityManager =
|
||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
bool ubwEnabled = false;
|
||||
rv = securityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&ubwEnabled);
|
||||
if (NS_FAILED(rv) || ubwEnabled) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> subjPrincipal;
|
||||
rv = securityManager->GetSubjectPrincipal(getter_AddRefs(subjPrincipal));
|
||||
NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && subjPrincipal, rv);
|
||||
|
@ -15,6 +15,7 @@
|
||||
#include "nsIWebBrowserChrome.h"
|
||||
#include "nsIDOMWindow.h"
|
||||
#include "nsDOMClassInfoID.h"
|
||||
#include "nsContentUtils.h"
|
||||
|
||||
//
|
||||
// Basic (virtual) BarProp class implementation
|
||||
@ -68,13 +69,7 @@ nsBarProp::SetVisibleByFlag(bool aVisible, uint32_t aChromeFlag)
|
||||
nsCOMPtr<nsIWebBrowserChrome> browserChrome = GetBrowserChrome();
|
||||
NS_ENSURE_TRUE(browserChrome, NS_OK);
|
||||
|
||||
bool enabled = false;
|
||||
|
||||
nsCOMPtr<nsIScriptSecurityManager>
|
||||
securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
|
||||
if (securityManager)
|
||||
securityManager->IsCapabilityEnabled("UniversalXPConnect", &enabled);
|
||||
if (!enabled)
|
||||
if (!nsContentUtils::IsCallerChrome())
|
||||
return NS_OK;
|
||||
|
||||
uint32_t chromeFlags;
|
||||
@ -285,13 +280,7 @@ nsScrollbarsProp::GetVisible(bool *aVisible)
|
||||
NS_IMETHODIMP
|
||||
nsScrollbarsProp::SetVisible(bool aVisible)
|
||||
{
|
||||
bool enabled = false;
|
||||
|
||||
nsCOMPtr<nsIScriptSecurityManager>
|
||||
securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
|
||||
if (securityManager)
|
||||
securityManager->IsCapabilityEnabled("UniversalXPConnect", &enabled);
|
||||
if (!enabled)
|
||||
if (!nsContentUtils::IsCallerChrome())
|
||||
return NS_OK;
|
||||
|
||||
/* Scrollbars, unlike the other barprops, implement visibility directly
|
||||
|
@ -7722,15 +7722,6 @@ nsNodeSH::PostCreatePrototype(JSContext * cx, JSObject * proto)
|
||||
return rv;
|
||||
}
|
||||
|
||||
bool
|
||||
nsNodeSH::IsCapabilityEnabled(const char* aCapability)
|
||||
{
|
||||
bool enabled;
|
||||
return sSecMan &&
|
||||
NS_SUCCEEDED(sSecMan->IsCapabilityEnabled(aCapability, &enabled)) &&
|
||||
enabled;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNodeSH::PreCreate(nsISupports *nativeObj, JSContext *cx, JSObject *globalObj,
|
||||
JSObject **parentObj)
|
||||
@ -7766,7 +7757,7 @@ nsNodeSH::PreCreate(nsISupports *nativeObj, JSContext *cx, JSObject *globalObj,
|
||||
bool hasHadScriptHandlingObject = false;
|
||||
NS_ENSURE_STATE(doc->GetScriptHandlingObject(hasHadScriptHandlingObject) ||
|
||||
hasHadScriptHandlingObject ||
|
||||
IsPrivilegedScript());
|
||||
nsContentUtils::IsCallerChrome());
|
||||
|
||||
nsINode *native_parent;
|
||||
|
||||
|
@ -518,13 +518,6 @@ protected:
|
||||
{
|
||||
}
|
||||
|
||||
// Helper to check whether a capability is enabled
|
||||
bool IsCapabilityEnabled(const char* aCapability);
|
||||
|
||||
inline bool IsPrivilegedScript() {
|
||||
return IsCapabilityEnabled("UniversalXPConnect");
|
||||
}
|
||||
|
||||
public:
|
||||
NS_IMETHOD PreCreate(nsISupports *nativeObj, JSContext *cx,
|
||||
JSObject *globalObj, JSObject **parentObj);
|
||||
|
@ -74,11 +74,7 @@ using namespace mozilla::widget;
|
||||
|
||||
static bool IsUniversalXPConnectCapable()
|
||||
{
|
||||
bool hasCap = false;
|
||||
nsresult rv = nsContentUtils::GetSecurityManager()->
|
||||
IsCapabilityEnabled("UniversalXPConnect", &hasCap);
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
return hasCap;
|
||||
return nsContentUtils::IsCallerChrome();
|
||||
}
|
||||
|
||||
DOMCI_DATA(WindowUtils, nsDOMWindowUtils)
|
||||
|
@ -2460,10 +2460,7 @@ nsJSContext::AddSupportsPrimitiveTojsvals(nsISupports *aArg, jsval *aArgv)
|
||||
static JSBool
|
||||
CheckUniversalXPConnectForTraceMalloc(JSContext *cx)
|
||||
{
|
||||
bool hasCap = false;
|
||||
nsresult rv = nsContentUtils::GetSecurityManager()->
|
||||
IsCapabilityEnabled("UniversalXPConnect", &hasCap);
|
||||
if (NS_SUCCEEDED(rv) && hasCap)
|
||||
if (nsContentUtils::IsCallerChrome())
|
||||
return JS_TRUE;
|
||||
JS_ReportError(cx, "trace-malloc functions require UniversalXPConnect");
|
||||
return JS_FALSE;
|
||||
|
@ -532,16 +532,7 @@ ResolveWorkerClasses(JSContext* aCx, JSHandleObject aObj, JSHandleId aId, unsign
|
||||
|
||||
for (uint32_t i = 0; i < ID_COUNT; i++) {
|
||||
if (gStringIDs[i] == aId) {
|
||||
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||
NS_ASSERTION(ssm, "This should never be null!");
|
||||
|
||||
bool enabled;
|
||||
if (NS_FAILED(ssm->IsCapabilityEnabled("UniversalXPConnect", &enabled))) {
|
||||
NS_WARNING("IsCapabilityEnabled failed!");
|
||||
isChrome = false;
|
||||
}
|
||||
|
||||
isChrome = !!enabled;
|
||||
isChrome = nsContentUtils::IsCallerChrome();
|
||||
|
||||
// Don't resolve if this is ChromeWorker and we're not chrome. Otherwise
|
||||
// always resolve.
|
||||
|
@ -2515,11 +2515,7 @@ WorkerPrivate::Create(JSContext* aCx, JSObject* aObj, WorkerPrivate* aParent,
|
||||
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||
NS_ASSERTION(ssm, "This should never be null!");
|
||||
|
||||
bool isChrome;
|
||||
if (NS_FAILED(ssm->IsCapabilityEnabled("UniversalXPConnect", &isChrome))) {
|
||||
NS_WARNING("IsCapabilityEnabled failed!");
|
||||
isChrome = false;
|
||||
}
|
||||
bool isChrome = nsContentUtils::IsCallerChrome();
|
||||
|
||||
// First check to make sure the caller has permission to make a
|
||||
// ChromeWorker if they called the ChromeWorker constructor.
|
||||
|
@ -704,11 +704,7 @@ nsresult nsWebBrowserFind::SearchInFrame(nsIDOMWindow* aWindow,
|
||||
rv = subject->Subsumes(theDoc->NodePrincipal(), &subsumes);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (!subsumes) {
|
||||
bool hasCap = false;
|
||||
secMan->IsCapabilityEnabled("UniversalXPConnect", &hasCap);
|
||||
if (!hasCap) {
|
||||
return NS_ERROR_DOM_PROP_ACCESS_DENIED;
|
||||
}
|
||||
return NS_ERROR_DOM_PROP_ACCESS_DENIED;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1607,13 +1607,7 @@ uint32_t nsWindowWatcher::CalculateChromeFlags(nsIDOMWindow *aParent,
|
||||
*/
|
||||
|
||||
// Check security state for use in determing window dimensions
|
||||
bool enabled = false;
|
||||
if (securityManager) {
|
||||
rv = securityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&enabled);
|
||||
}
|
||||
|
||||
if (NS_FAILED(rv) || !enabled || (isChrome && !aHasChromeParent)) {
|
||||
if (!nsContentUtils::IsCallerChrome() || (isChrome && !aHasChromeParent)) {
|
||||
// If priv check fails (or if we're called from chrome, but the
|
||||
// parent is not a chrome window), set all elements to minimum
|
||||
// reqs., else leave them alone.
|
||||
@ -2045,31 +2039,14 @@ nsWindowWatcher::SizeOpenedDocShellItem(nsIDocShellTreeItem *aDocShellItem,
|
||||
}
|
||||
|
||||
bool positionSpecified = aSizeSpec.PositionSpecified();
|
||||
|
||||
nsresult res;
|
||||
bool enabled = false;
|
||||
|
||||
// Check security state for use in determing window dimensions
|
||||
nsCOMPtr<nsIScriptSecurityManager>
|
||||
securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
|
||||
if (securityManager) {
|
||||
res = securityManager->IsCapabilityEnabled("UniversalXPConnect",
|
||||
&enabled);
|
||||
if (NS_FAILED(res))
|
||||
enabled = false;
|
||||
else if (enabled && aParent) {
|
||||
nsCOMPtr<nsIDOMChromeWindow> chromeWin(do_QueryInterface(aParent));
|
||||
|
||||
bool isChrome = false;
|
||||
nsresult rv = securityManager->SubjectPrincipalIsSystem(&isChrome);
|
||||
if (NS_FAILED(rv)) {
|
||||
isChrome = false;
|
||||
}
|
||||
|
||||
// Only enable special priveleges for chrome when chrome calls
|
||||
// open() on a chrome window
|
||||
enabled = !(isChrome && chromeWin == nullptr);
|
||||
}
|
||||
bool enabled = false;
|
||||
if (nsContentUtils::IsCallerChrome()) {
|
||||
// Only enable special priveleges for chrome when chrome calls
|
||||
// open() on a chrome window
|
||||
nsCOMPtr<nsIDOMChromeWindow> chromeWin(do_QueryInterface(aParent));
|
||||
enabled = !aParent || chromeWin;
|
||||
}
|
||||
|
||||
if (!enabled) {
|
||||
|
Loading…
Reference in New Issue
Block a user