mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 16:25:38 +00:00
Bug 1421099 - blob URLs must check the nsILoadInfo originAttributes with its one in case used as top-level url, r=smaug
This commit is contained in:
parent
f4ddc50d61
commit
d368c9c43e
@ -7,6 +7,7 @@
|
||||
#include "nsHostObjectProtocolHandler.h"
|
||||
|
||||
#include "DOMMediaStream.h"
|
||||
#include "mozilla/dom/ChromeUtils.h"
|
||||
#include "mozilla/dom/ContentChild.h"
|
||||
#include "mozilla/dom/ContentParent.h"
|
||||
#include "mozilla/dom/Exceptions.h"
|
||||
@ -823,23 +824,35 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
|
||||
return NS_ERROR_DOM_BAD_URI;
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
DataInfo* info = GetDataInfoFromURI(uri);
|
||||
|
||||
// Info can be null, in case this blob URL has been revoked already.
|
||||
if (info) {
|
||||
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(uri);
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
||||
MOZ_ASSERT(info->mPrincipal == principal, "Wrong principal!");
|
||||
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(uri);
|
||||
if (!uriPrinc) {
|
||||
return NS_ERROR_DOM_BAD_URI;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
nsresult rv = uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
#ifdef DEBUG
|
||||
// Info can be null, in case this blob URL has been revoked already.
|
||||
DataInfo* info = GetDataInfoFromURI(uri);
|
||||
MOZ_ASSERT_IF(info, info->mPrincipal == principal);
|
||||
#endif
|
||||
|
||||
ErrorResult rv;
|
||||
// We want to be sure that we stop the creation of the channel if the blob URL
|
||||
// is copy-and-pasted on a different context (ex. private browsing or
|
||||
// containers).
|
||||
if (aLoadInfo &&
|
||||
!ChromeUtils::IsOriginAttributesEqualIgnoringFPD(aLoadInfo->GetOriginAttributes(),
|
||||
BasePrincipal::Cast(principal)->OriginAttributesRef())) {
|
||||
return NS_ERROR_DOM_BAD_URI;
|
||||
}
|
||||
|
||||
ErrorResult error;
|
||||
nsCOMPtr<nsIInputStream> stream;
|
||||
blobImpl->CreateInputStream(getter_AddRefs(stream), rv);
|
||||
if (NS_WARN_IF(rv.Failed())) {
|
||||
return rv.StealNSResult();
|
||||
blobImpl->CreateInputStream(getter_AddRefs(stream), error);
|
||||
if (NS_WARN_IF(error.Failed())) {
|
||||
return error.StealNSResult();
|
||||
}
|
||||
|
||||
nsAutoString contentType;
|
||||
@ -852,8 +865,8 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
|
||||
NS_ConvertUTF16toUTF8(contentType),
|
||||
EmptyCString(), // aContentCharset
|
||||
aLoadInfo);
|
||||
if (NS_WARN_IF(rv.Failed())) {
|
||||
return rv.StealNSResult();
|
||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
if (blobImpl->IsFile()) {
|
||||
@ -862,9 +875,9 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
|
||||
channel->SetContentDispositionFilename(filename);
|
||||
}
|
||||
|
||||
uint64_t size = blobImpl->GetSize(rv);
|
||||
if (NS_WARN_IF(rv.Failed())) {
|
||||
return rv.StealNSResult();
|
||||
uint64_t size = blobImpl->GetSize(error);
|
||||
if (NS_WARN_IF(error.Failed())) {
|
||||
return error.StealNSResult();
|
||||
}
|
||||
|
||||
channel->SetOriginalURI(uri);
|
||||
|
Loading…
Reference in New Issue
Block a user