Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-26 06:11:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bug 264560: tighten up referrer requirements for XPI whitelist, r=biesi,sr=jst

Browse Source
This commit is contained in:
dveditz%cruzio.com 2004-10-18 21:28:45 +00:00
parent 123d30041c
commit 69dcb6e4b7
1 changed files with 1 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
xpinstall/src/nsInstallTrigger.cpp
View File

@ -169,24 +169,11 @@ nsInstallTrigger::HandleContent(const char * aContentType,
#endif
// Save the referrer if any, for permission checks
PRBool trustReferrer = PR_FALSE;
nsCOMPtr<nsIURI> referringURI;
nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(channel));
if ( httpChannel )
{
httpChannel->GetReferrer(getter_AddRefs(referringURI));
// see if we should trust the referrer (which can be null):
// - we are an httpChannel (we are if we're here)
// - user has not turned off the feature
PRInt32 referrerLevel = 0;
nsCOMPtr<nsIPrefBranch> prefBranch(do_GetService(NS_PREFSERVICE_CONTRACTID));
if ( prefBranch)
{
rv = prefBranch->GetIntPref( (const char*)"network.http.sendRefererHeader",
&referrerLevel );
trustReferrer = ( NS_SUCCEEDED(rv) && (referrerLevel >= 2) );
}
}
@ -211,7 +198,7 @@ nsInstallTrigger::HandleContent(const char * aContentType,
// going to honor this request based on PermissionManager settings
PRBool enabled = PR_FALSE;
if ( trustReferrer )
if ( referringURI )
{
// easiest and most common case: base decision on http referrer
//