mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-11 04:15:43 +00:00
Bug 326501. Mark tree views as being suitable for untrusted code. r+sr=bzbarsky
This commit is contained in:
parent
6942057a28
commit
8916588e70
@ -109,6 +109,10 @@ public:
|
||||
|
||||
static PRBool IsCallerChrome();
|
||||
|
||||
static PRBool IsCallerTrustedForRead();
|
||||
|
||||
static PRBool IsCallerTrustedForWrite();
|
||||
|
||||
/*
|
||||
* Returns true if the nodes are both in the same document or
|
||||
* if neither is in a document.
|
||||
|
@ -1018,6 +1018,37 @@ nsContentUtils::IsCallerChrome()
|
||||
return is_caller_chrome;
|
||||
}
|
||||
|
||||
static PRBool IsCallerTrustedForCapability(const char* aCapability)
|
||||
{
|
||||
if (nsContentUtils::IsCallerChrome())
|
||||
return PR_TRUE;
|
||||
|
||||
// The secman really should handle UniversalXPConnect case, since that
|
||||
// should include UniversalBrowserRead... doesn't right now, though.
|
||||
PRBool hasCap;
|
||||
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||
if (NS_FAILED(ssm->IsCapabilityEnabled(aCapability, &hasCap)))
|
||||
return PR_FALSE;
|
||||
if (hasCap)
|
||||
return PR_TRUE;
|
||||
|
||||
if (NS_FAILED(ssm->IsCapabilityEnabled("UniversalXPConnect", &hasCap)))
|
||||
return PR_FALSE;
|
||||
return hasCap;
|
||||
}
|
||||
|
||||
PRBool
|
||||
nsContentUtils::IsCallerTrustedForRead()
|
||||
{
|
||||
return IsCallerTrustedForCapability("UniversalBrowserRead");
|
||||
}
|
||||
|
||||
PRBool
|
||||
nsContentUtils::IsCallerTrustedForWrite()
|
||||
{
|
||||
return IsCallerTrustedForCapability("UniversalBrowserWrite");
|
||||
}
|
||||
|
||||
// static
|
||||
PRBool
|
||||
nsContentUtils::InSameDoc(nsIDOMNode* aNode, nsIDOMNode* aOther)
|
||||
|
Loading…
Reference in New Issue
Block a user