Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 19:04:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1735746 - Add a pref and limit external protocol sandbox blocking to Nightly. r=ckerschb,farre

Browse Source 
Depends on D141131

Differential Revision: https://phabricator.services.mozilla.com/D141132
This commit is contained in:
Paul Zuehlcke 2022-04-20 11:06:50 +00:00
parent 1e4838aeeb
commit 6f039abdf3
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/libpref/init/StaticPrefList.yaml
View File

@ -1916,6 +1916,12 @@
value: true
mirror: always
# Block sandboxed BrowsingContexts from navigating to external protocols.
- name: dom.block_external_protocol_navigation_from_sandbox
type: bool
value: @IS_NIGHTLY_BUILD@
mirror: always
# Block Insecure downloads from Secure Origins
- name: dom.block_download_insecure
type: bool

5
uriloader/exthandler/nsExternalHelperAppService.cpp
View File

@ -16,6 +16,7 @@
#include "mozilla/dom/CanonicalBrowsingContext.h"
#include "mozilla/dom/WindowGlobalParent.h"
#include "mozilla/RandomNum.h"
#include "mozilla/StaticPrefs_dom.h"
#include "mozilla/StaticPrefs_security.h"
#include "mozilla/StaticPtr.h"
#include "nsXULAppAPI.h"
@ -1099,6 +1100,10 @@ nsresult nsExternalHelperAppService::EscapeURI(nsIURI* aURI, nsIURI** aResult) {
bool ExternalProtocolIsBlockedBySandbox(
BrowsingContext* aBrowsingContext,
const bool aHasValidUserGestureActivation) {
if (!StaticPrefs::dom_block_external_protocol_navigation_from_sandbox()) {
return false;
}
if (!aBrowsingContext || aBrowsingContext->IsTop()) {
return false;
}