mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 19:04:45 +00:00
Bug 1735746
- Log an error message to the web console for blocked external protocol navigation from sandbox. r=ckerschb
Depends on D141132 Differential Revision: https://phabricator.services.mozilla.com/D141133
This commit is contained in:
parent
6f039abdf3
commit
68b4cc3fce
@ -153,6 +153,9 @@ HTTPSOnlyUpgradeSpeculativeConnection = Upgrading insecure speculative TCP conne
|
||||
# LOCALIZATION NOTE: %S is the URL of the blocked request;
|
||||
IframeSandboxBlockedDownload = Download of “%S” was blocked because the triggering iframe has the sandbox flag set.
|
||||
|
||||
# LOCALIZATION NOTE: %S is the URL of the blocked request;
|
||||
SandboxBlockedCustomProtocols = Blocked navigation to custom protocol “%S” from a sandboxed context.
|
||||
|
||||
# Sanitizer API
|
||||
# LOCALIZATION NOTE: Please do not localize "DocumentFragment". It's the name of an API.
|
||||
SanitizerRcvdNoInput = Received empty or no input. Returning an empty DocumentFragment.
|
||||
|
@ -1156,6 +1156,32 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI,
|
||||
if (aBrowsingContext &&
|
||||
ExternalProtocolIsBlockedBySandbox(aBrowsingContext,
|
||||
aHasValidUserGestureActivation)) {
|
||||
// Log an error to the web console of the sandboxed BrowsingContext.
|
||||
nsAutoString localizedMsg;
|
||||
nsAutoCString spec;
|
||||
aURI->GetSpec(spec);
|
||||
|
||||
AutoTArray<nsString, 1> params = {NS_ConvertUTF8toUTF16(spec)};
|
||||
nsresult rv = nsContentUtils::FormatLocalizedString(
|
||||
nsContentUtils::eSECURITY_PROPERTIES, "SandboxBlockedCustomProtocols",
|
||||
params, localizedMsg);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Log to the the parent window of the iframe. If there is no parent, fall
|
||||
// back to the iframe window itself.
|
||||
WindowContext* windowContext = aBrowsingContext->GetParentWindowContext();
|
||||
if (!windowContext) {
|
||||
windowContext = aBrowsingContext->GetCurrentWindowContext();
|
||||
}
|
||||
|
||||
// Skip logging if we still don't have a WindowContext.
|
||||
NS_ENSURE_TRUE(windowContext, NS_ERROR_FAILURE);
|
||||
|
||||
nsContentUtils::ReportToConsoleByWindowID(
|
||||
localizedMsg, nsIScriptError::errorFlag, "Security"_ns,
|
||||
windowContext->InnerWindowId(),
|
||||
windowContext->Canonical()->GetDocumentURI());
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user