Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 21:31:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1424474 part 1. Make sure we don't call into the chrome registry's AllowContentToAccess with non-chrome URLs. r=gijs

Browse Source 
MozReview-Commit-ID: I3DyrYGpGC2
This commit is contained in:
Boris Zbarsky 2017-12-21 10:54:43 -05:00
parent b05397d47c
commit 7ebac0960f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
caps/nsScriptSecurityManager.cpp
View File

@ -897,7 +897,7 @@ nsScriptSecurityManager::CheckLoadURIFlags(nsIURI *aSourceURI,
if (accessAllowed) {
return NS_OK;
}
} else {
} else if (targetScheme.EqualsLiteral("chrome")) {
// Allow the load only if the chrome package is whitelisted.
nsCOMPtr<nsIXULChromeRegistry> reg(
do_GetService(NS_CHROMEREGISTRY_CONTRACTID));