Default javascript: URIs to running in a sandbox instead of not running atall. Bug 376484, r+sr=jst

dom/public/nsIScriptChannel.idl

@@ -80,7 +80,7 @@ interface nsIScriptChannel : nsISupports
   /**
    * Whether and how the program represented by this channel is to be executed.
    * The default value if this property has never been set on this channel MUST
-   * be NO_EXECUTION.
+   * be either EXECUTE_IN_SANDBOX or NO_EXECUTION.
    *
    * @throws NS_ERROR_INVALID_ARG when set to an unrecognized value.
    */

dom/src/jsurl/nsJSProtocolHandler.cpp

@@ -435,7 +435,7 @@ nsJSChannel::nsJSChannel() :
     mLoadFlags(LOAD_NORMAL),
     mActualLoadFlags(LOAD_NORMAL),
     mPopupState(openOverridden),
-    mExecutionPolicy(NO_EXECUTION),
+    mExecutionPolicy(EXECUTE_IN_SANDBOX),
     mIsActive(PR_FALSE),
     mOpenedStreamChannel(PR_FALSE)
 {

layout/reftests/bugs/376484-1-ref.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<body>
+<p style="color: green">This is text</p>
+<p style="color: green">This is more text</p>
+<p style="color: green">This is yet more text</p>
+<p style="color: green">This is even more text</p>
+</body>
+</html>
+

layout/reftests/bugs/376484-1.html

@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<link rel="stylesheet" type="text/css"
+      href="data:text/css, .g1 { color: green }">
+<link rel="stylesheet" type="text/css"
+      href="javascript:' .g2 { color: green }'">
+<style type="text/css">
+  @import url("data:text/css, .g3 { color: green }");
+  @import url("javascript:' .g4 { color: green }'");
+</style>
+</head>
+<body>
+<p class="g1">This is text</p>
+<p class="g2">This is more text</p>
+<p class="g3">This is yet more text</p>
+<p class="g4">This is even more text</p>
+</body>
+</html>

layout/reftests/bugs/reftest.list

@@ -206,3 +206,4 @@ fails == 368504-1.html 368504-1-ref.html # bug 368504
 == 372062-1.html 372062-1-ref.html
 == 374038-1.xul 374038-1-ref.xul
 == 374038-2.xul 374038-2-ref.xul
+== 376484-1.html 376484-1-ref.html