From 69dcb6e4b73915b347507ee70c74df0009317254 Mon Sep 17 00:00:00 2001
From: "dveditz%cruzio.com" <dveditz%cruzio.com>
Date: Mon, 18 Oct 2004 21:28:45 +0000
Subject: [PATCH] bug 264560: tighten up referrer requirements for XPI
 whitelist, r=biesi,sr=jst

---
 xpinstall/src/nsInstallTrigger.cpp | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/xpinstall/src/nsInstallTrigger.cpp b/xpinstall/src/nsInstallTrigger.cpp
index 3e6c9602810b..e0bf2cb43914 100644
--- a/xpinstall/src/nsInstallTrigger.cpp
+++ b/xpinstall/src/nsInstallTrigger.cpp
@@ -169,24 +169,11 @@ nsInstallTrigger::HandleContent(const char * aContentType,
 #endif
 
     // Save the referrer if any, for permission checks
-    PRBool trustReferrer = PR_FALSE;
     nsCOMPtr<nsIURI> referringURI;
     nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(channel));
     if ( httpChannel )
     {
         httpChannel->GetReferrer(getter_AddRefs(referringURI));
-
-        // see if we should trust the referrer (which can be null):
-        //  - we are an httpChannel (we are if we're here)
-        //  - user has not turned off the feature
-        PRInt32 referrerLevel = 0;
-        nsCOMPtr<nsIPrefBranch> prefBranch(do_GetService(NS_PREFSERVICE_CONTRACTID));
-        if ( prefBranch)
-        {
-            rv = prefBranch->GetIntPref( (const char*)"network.http.sendRefererHeader",
-                                         &referrerLevel );
-            trustReferrer = ( NS_SUCCEEDED(rv) && (referrerLevel >= 2) );
-        }
     }
 
 
@@ -211,7 +198,7 @@ nsInstallTrigger::HandleContent(const char * aContentType,
     // going to honor this request based on PermissionManager settings
     PRBool enabled = PR_FALSE;
 
-    if ( trustReferrer )
+    if ( referringURI )
     {
         // easiest and most common case: base decision on http referrer
         //