mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-26 22:32:46 +00:00
Bug 59758 - form submission gives incorrect warning. r=javi,sr=blizzard
This commit is contained in:
parent
cda0c1c6f4
commit
ee2c75f35c
@ -239,6 +239,9 @@ nsSecureBrowserUIImpl::Notify(nsIContent* formNode,
|
||||
nsCOMPtr<nsIDocument> document;
|
||||
formNode->GetDocument(*getter_AddRefs(document));
|
||||
if (!document) return NS_OK;
|
||||
|
||||
nsCOMPtr<nsIURI> formURL;
|
||||
document->GetBaseURL(*getter_AddRefs(formURL));
|
||||
|
||||
nsCOMPtr<nsIScriptGlobalObject> globalObject;
|
||||
document->GetScriptGlobalObject(getter_AddRefs(globalObject));
|
||||
@ -252,7 +255,7 @@ nsSecureBrowserUIImpl::Notify(nsIContent* formNode,
|
||||
return NS_OK;
|
||||
|
||||
PRBool okayToPost;
|
||||
nsresult res = CheckPost(actionURL, &okayToPost);
|
||||
nsresult res = CheckPost(formURL, actionURL, &okayToPost);
|
||||
|
||||
if (NS_SUCCEEDED(res) && !okayToPost)
|
||||
*cancelSubmit = PR_TRUE;
|
||||
@ -583,26 +586,26 @@ nsSecureBrowserUIImpl::CheckMixedContext(nsISecurityEventSink *eventSink,
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
|
||||
nsSecureBrowserUIImpl::CheckPost(nsIURI *formURL, nsIURI *actionURL, PRBool *okayToPost)
|
||||
{
|
||||
PRBool secure;
|
||||
PRBool formSecure,actionSecure;
|
||||
*okayToPost = PR_TRUE;
|
||||
|
||||
nsresult rv = IsURLHTTPS(actionURL, &secure);
|
||||
nsresult rv = IsURLHTTPS(formURL, &formSecure);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
rv = IsURLHTTPS(actionURL, &actionSecure);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
// if we are posting to a secure link from a secure page, all is okay.
|
||||
if (secure &&
|
||||
(IS_SECURE(mSecurityState) ||
|
||||
mSecurityState == STATE_IS_BROKEN)) {
|
||||
if (actionSecure && formSecure) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// posting to insecure webpage from a secure webpage.
|
||||
if (!secure &&
|
||||
(IS_SECURE(mSecurityState) ||
|
||||
mSecurityState == STATE_IS_BROKEN)) {
|
||||
if (!actionSecure && formSecure) {
|
||||
*okayToPost = ConfirmPostToInsecureFromSecure();
|
||||
} else {
|
||||
*okayToPost = ConfirmPostToInsecure();
|
||||
|
@ -88,7 +88,7 @@ protected:
|
||||
nsIRequest* request, nsIChannel* aChannel);
|
||||
nsresult CheckMixedContext(nsISecurityEventSink* sink, nsIRequest* request,
|
||||
nsIChannel* aChannel);
|
||||
nsresult CheckPost(nsIURI *actionURL, PRBool *okayToPost);
|
||||
nsresult CheckPost(nsIURI *formURI, nsIURI *actionURL, PRBool *okayToPost);
|
||||
nsresult IsURLHTTPS(nsIURI* aURL, PRBool *value);
|
||||
nsresult SetBrokenLockIcon(nsISecurityEventSink* sink, nsIRequest* request,
|
||||
PRBool removeValue = PR_FALSE);
|
||||
|
Loading…
Reference in New Issue
Block a user