diff --git a/caps/idl/nsIScriptSecurityManager.idl b/caps/idl/nsIScriptSecurityManager.idl index 34f8281a6896..5f82d27a8d4b 100644 --- a/caps/idl/nsIScriptSecurityManager.idl +++ b/caps/idl/nsIScriptSecurityManager.idl @@ -83,6 +83,21 @@ interface nsIScriptSecurityManager : nsISupports */ void CheckLoadURIFromScript(in JSContextPtr cx, in nsIURI uri); + /** + * Default CheckLoadURI permissions + */ + const unsigned long STANDARD = 0; + + /** + * If the source is mail, disallow the load + */ + const unsigned long DISALLOW_FROM_MAIL = 1 << 0; + + /** + * Allow the loading of chrome URLs by non-chrome URLs + */ + const unsigned long ALLOW_CHROME = 1 << 1; + /** * Check that content from "from" can load "uri". * @@ -95,7 +110,7 @@ interface nsIScriptSecurityManager : nsISupports * is a URI associated with mail or news */ void CheckLoadURI(in nsIURI from, in nsIURI uri, - in boolean disallowFromMail); + in unsigned long flags); /** * Check that the function 'funObj' is allowed to run on 'targetObj' diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp index b728ec012595..9d9cf3134e03 100644 --- a/caps/src/nsScriptSecurityManager.cpp +++ b/caps/src/nsScriptSecurityManager.cpp @@ -479,7 +479,7 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsCOMPtr uri; if (NS_FAILED(codebase->GetURI(getter_AddRefs(uri)))) return NS_ERROR_FAILURE; - if (NS_SUCCEEDED(CheckLoadURI(uri, aURI, PR_FALSE))) + if (NS_SUCCEEDED(CheckLoadURI(uri, aURI, nsIScriptSecurityManager::STANDARD ))) return NS_OK; // See if we're attempting to load a file: URI. If so, let a @@ -506,72 +506,73 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, } NS_IMETHODIMP -nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI, - PRBool aDisallowFromMail) +nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI, + PRUint32 aFlags) { nsCOMPtr jarURI; - nsCOMPtr uri = aFromURI; - while(uri && NS_SUCCEEDED(uri->QueryInterface(NS_GET_IID(nsIJARURI), - getter_AddRefs(jarURI)))) - jarURI->GetJARFile(getter_AddRefs(uri)); - if (!uri) return NS_ERROR_FAILURE; + nsCOMPtr sourceUri(aSourceURI); + while((jarURI = do_QueryInterface(sourceUri))) + jarURI->GetJARFile(getter_AddRefs(sourceUri)); + if (!sourceUri) return NS_ERROR_FAILURE; - nsXPIDLCString fromScheme; - if (NS_FAILED(uri->GetScheme(getter_Copies(fromScheme)))) + nsXPIDLCString sourceScheme; + if (NS_FAILED(sourceUri->GetScheme(getter_Copies(sourceScheme)))) return NS_ERROR_FAILURE; - if (aDisallowFromMail && - (nsCRT::strcasecmp(fromScheme, "mailbox") == 0 || - nsCRT::strcasecmp(fromScheme, "imap") == 0 || - nsCRT::strcasecmp(fromScheme, "news") == 0)) + // Some loads are not allowed from mail/news messages + if ((aFlags & nsIScriptSecurityManager::DISALLOW_FROM_MAIL) && + (nsCRT::strcasecmp(sourceScheme, "mailbox") == 0 || + nsCRT::strcasecmp(sourceScheme, "imap") == 0 || + nsCRT::strcasecmp(sourceScheme, "news") == 0)) { return NS_ERROR_DOM_BAD_URI; } - uri = aURI; - while(uri && NS_SUCCEEDED(uri->QueryInterface(NS_GET_IID(nsIJARURI), - getter_AddRefs(jarURI)))) - jarURI->GetJARFile(getter_AddRefs(uri)); - if (!uri) return NS_ERROR_FAILURE; + nsCOMPtr targetUri(aTargetURI); + while((jarURI = do_QueryInterface(targetUri))) + jarURI->GetJARFile(getter_AddRefs(targetUri)); + if (!targetUri) return NS_ERROR_FAILURE; - nsXPIDLCString scheme; - if (NS_FAILED(uri->GetScheme(getter_Copies(scheme)))) + nsXPIDLCString targetScheme; + if (NS_FAILED(targetUri->GetScheme(getter_Copies(targetScheme)))) return NS_ERROR_FAILURE; - if (nsCRT::strcasecmp(scheme, fromScheme) == 0) + if (nsCRT::strcasecmp(targetScheme, sourceScheme) == 0) { // every scheme can access another URI from the same scheme return NS_OK; } - enum Action { AllowProtocol, DenyProtocol, PrefControlled }; + enum Action { AllowProtocol, DenyProtocol, PrefControlled, ChromeProtocol }; static const struct { const char *name; Action action; } protocolList[] = { - { "about", AllowProtocol }, - { "data", AllowProtocol }, - { "file", PrefControlled }, - { "ftp", AllowProtocol }, + //-- Keep the most commonly used protocols at the top of the list + // to increase performance { "http", AllowProtocol }, + { "file", PrefControlled }, { "https", AllowProtocol }, + { "chrome", ChromeProtocol }, + { "mailbox", DenyProtocol }, + { "pop", AllowProtocol }, + { "imap", DenyProtocol }, + { "pop3", DenyProtocol }, + { "news", AllowProtocol }, + { "javascript", AllowProtocol }, + { "ftp", AllowProtocol }, + { "about", AllowProtocol }, + { "mailto", AllowProtocol }, + { "data", AllowProtocol }, { "keyword", DenyProtocol }, - { "res", DenyProtocol }, { "resource", DenyProtocol }, { "datetime", DenyProtocol }, { "finger", AllowProtocol }, - { "chrome", AllowProtocol }, - { "javascript", AllowProtocol }, - { "mailto", AllowProtocol }, - { "imap", DenyProtocol }, - { "mailbox", DenyProtocol }, - { "pop3", DenyProtocol }, - { "pop", AllowProtocol }, - { "news", AllowProtocol }, + { "res", DenyProtocol } }; for (unsigned i=0; i < sizeof(protocolList)/sizeof(protocolList[0]); i++) { - if (nsCRT::strcasecmp(scheme, protocolList[i].name) == 0) { + if (nsCRT::strcasecmp(targetScheme, protocolList[i].name) == 0) { PRBool doCheck = PR_FALSE; switch (protocolList[i].action) { case AllowProtocol: @@ -581,6 +582,9 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI, // Allow access if pref is false mPrefs->GetBoolPref("security.checkloaduri", &doCheck); return doCheck ? NS_ERROR_DOM_BAD_URI : NS_OK; + case ChromeProtocol: + return (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) ? + NS_OK : NS_ERROR_DOM_BAD_URI; case DenyProtocol: // Deny access return NS_ERROR_DOM_BAD_URI; diff --git a/chrome/src/nsChromeProtocolHandler.cpp b/chrome/src/nsChromeProtocolHandler.cpp index 0d76abd76d3c..4d8b47de1dde 100644 --- a/chrome/src/nsChromeProtocolHandler.cpp +++ b/chrome/src/nsChromeProtocolHandler.cpp @@ -724,7 +724,8 @@ nsChromeProtocolHandler::NewChannel(nsIURI* aURI, nsCOMPtr url = do_QueryInterface(aURI); nsXPIDLCString fileExtension; rv = url->GetFileExtension(getter_Copies(fileExtension)); - if (PL_strcmp(fileExtension, "xul") == 0) + if (PL_strcasecmp(fileExtension, "xul") == 0 || PL_strcasecmp(fileExtension, "html") == 0 || + PL_strcasecmp(fileExtension, "xml") == 0) { NS_WITH_SERVICE(nsIScriptSecurityManager, securityManager, NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); diff --git a/content/base/src/nsGenericElement.cpp b/content/base/src/nsGenericElement.cpp index 45807a46aaea..81243a8b6c0e 100644 --- a/content/base/src/nsGenericElement.cpp +++ b/content/base/src/nsGenericElement.cpp @@ -2410,7 +2410,7 @@ nsGenericElement::TriggerLink(nsIPresContext* aPresContext, if (NS_SUCCEEDED(rv)) rv = NS_NewURI(getter_AddRefs(absURI), absURLSpec, aBaseURL); if (NS_SUCCEEDED(rv)) - proceed = securityManager->CheckLoadURI(aBaseURL, absURI, PR_FALSE); + proceed = securityManager->CheckLoadURI(aBaseURL, absURI, nsIScriptSecurityManager::STANDARD); // Only pass off the click event if the script security manager // says it's ok. diff --git a/content/html/document/src/nsHTMLContentSink.cpp b/content/html/document/src/nsHTMLContentSink.cpp index d2b9f9d78d85..fd52e4517e3c 100644 --- a/content/html/document/src/nsHTMLContentSink.cpp +++ b/content/html/document/src/nsHTMLContentSink.cpp @@ -3665,7 +3665,7 @@ HTMLContentSink::ProcessBaseHref(const nsString& aBaseHref) nsCOMPtr baseHrefURI; rv = NS_NewURI(getter_AddRefs(baseHrefURI), aBaseHref, nsnull); if (NS_FAILED(rv)) return; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, baseHrefURI, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, baseHrefURI, nsIScriptSecurityManager::STANDARD); if (NS_FAILED(rv)) return; if (nsnull == mBody) { // still in real HEAD @@ -4355,7 +4355,7 @@ HTMLContentSink::ProcessMETATag(const nsIParserNode& aNode) if (NS_SUCCEEDED(rv)) { rv = securityManager->CheckLoadURI(baseURI, uri, - PR_TRUE); + nsIScriptSecurityManager::DISALLOW_FROM_MAIL); if (NS_SUCCEEDED(rv)) { nsCOMPtr reefer = do_QueryInterface(mWebShell); @@ -4934,7 +4934,7 @@ HTMLContentSink::ProcessSCRIPTTag(const nsIParserNode& aNode) NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_FAILED(rv)) return rv; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, mScriptURI, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, mScriptURI, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) return rv; diff --git a/content/html/style/src/nsCSSLoader.cpp b/content/html/style/src/nsCSSLoader.cpp index da1b1318e91d..4d7ca1cf4e9f 100644 --- a/content/html/style/src/nsCSSLoader.cpp +++ b/content/html/style/src/nsCSSLoader.cpp @@ -1330,7 +1330,7 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement, nsIURI* docURI; rv = mDocument->GetBaseURL(docURI); if (NS_FAILED(rv) || !docURI) return NS_ERROR_FAILURE; - rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); + rv = secMan->CheckLoadURI(docURI, aURL, nsIScriptSecurityManager::ALLOW_CHROME); NS_IF_RELEASE(docURI); if (NS_FAILED(rv)) return NS_ERROR_FAILURE; diff --git a/content/xml/content/src/nsXMLElement.cpp b/content/xml/content/src/nsXMLElement.cpp index 333c39919032..365c3bc64062 100644 --- a/content/xml/content/src/nsXMLElement.cpp +++ b/content/xml/content/src/nsXMLElement.cpp @@ -293,7 +293,7 @@ static nsresult CheckLoadURI(nsIURI *aBaseURI, const nsAReadableString& aURI, ns if (NS_SUCCEEDED(rv)) { rv= securityManager->CheckLoadURI(aBaseURI, *aAbsURI, - PR_TRUE); + nsIScriptSecurityManager::DISALLOW_FROM_MAIL); } } diff --git a/content/xml/document/src/nsXMLContentSink.cpp b/content/xml/document/src/nsXMLContentSink.cpp index 3d3b812511da..86d1b74153ec 100644 --- a/content/xml/document/src/nsXMLContentSink.cpp +++ b/content/xml/document/src/nsXMLContentSink.cpp @@ -1730,7 +1730,7 @@ nsXMLContentSink::ProcessStartSCRIPTTag(const nsIParserNode& aNode) NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_FAILED(rv)) return rv; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, url, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, url, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) return rv; diff --git a/layout/base/src/nsGenericElement.cpp b/layout/base/src/nsGenericElement.cpp index 45807a46aaea..81243a8b6c0e 100644 --- a/layout/base/src/nsGenericElement.cpp +++ b/layout/base/src/nsGenericElement.cpp @@ -2410,7 +2410,7 @@ nsGenericElement::TriggerLink(nsIPresContext* aPresContext, if (NS_SUCCEEDED(rv)) rv = NS_NewURI(getter_AddRefs(absURI), absURLSpec, aBaseURL); if (NS_SUCCEEDED(rv)) - proceed = securityManager->CheckLoadURI(aBaseURL, absURI, PR_FALSE); + proceed = securityManager->CheckLoadURI(aBaseURL, absURI, nsIScriptSecurityManager::STANDARD); // Only pass off the click event if the script security manager // says it's ok. diff --git a/layout/generic/nsFrameFrame.cpp b/layout/generic/nsFrameFrame.cpp index 139322668806..1d4127d968e1 100644 --- a/layout/generic/nsFrameFrame.cpp +++ b/layout/generic/nsFrameFrame.cpp @@ -983,7 +983,7 @@ nsHTMLFrameInnerFrame::DoLoadURL(nsIPresContext* aPresContext) nsCOMPtr newURI; rv = NS_NewURI(getter_AddRefs(newURI), absURL, baseURI); NS_ENSURE_SUCCESS(rv, rv); - rv = secMan->CheckLoadURI(referrer, newURI, PR_FALSE); + rv = secMan->CheckLoadURI(referrer, newURI, nsIScriptSecurityManager::STANDARD); if (NS_FAILED(rv)) return rv; // We're not diff --git a/layout/generic/nsImageFrame.cpp b/layout/generic/nsImageFrame.cpp index c010d8a09841..0b9fe5589960 100644 --- a/layout/generic/nsImageFrame.cpp +++ b/layout/generic/nsImageFrame.cpp @@ -769,7 +769,7 @@ nsImageFrame::TriggerLink(nsIPresContext* aPresContext, rv = NS_NewURI(getter_AddRefs(absURI), aURLSpec, baseURI); if (NS_SUCCEEDED(rv)) - proceed = securityManager->CheckLoadURI(baseURI, absURI, PR_FALSE); + proceed = securityManager->CheckLoadURI(baseURI, absURI, nsIScriptSecurityManager::STANDARD); // Only pass off the click event if the script security manager // says it's ok. diff --git a/layout/html/base/src/nsImageFrame.cpp b/layout/html/base/src/nsImageFrame.cpp index c010d8a09841..0b9fe5589960 100644 --- a/layout/html/base/src/nsImageFrame.cpp +++ b/layout/html/base/src/nsImageFrame.cpp @@ -769,7 +769,7 @@ nsImageFrame::TriggerLink(nsIPresContext* aPresContext, rv = NS_NewURI(getter_AddRefs(absURI), aURLSpec, baseURI); if (NS_SUCCEEDED(rv)) - proceed = securityManager->CheckLoadURI(baseURI, absURI, PR_FALSE); + proceed = securityManager->CheckLoadURI(baseURI, absURI, nsIScriptSecurityManager::STANDARD); // Only pass off the click event if the script security manager // says it's ok. diff --git a/layout/html/document/src/nsFrameFrame.cpp b/layout/html/document/src/nsFrameFrame.cpp index 139322668806..1d4127d968e1 100644 --- a/layout/html/document/src/nsFrameFrame.cpp +++ b/layout/html/document/src/nsFrameFrame.cpp @@ -983,7 +983,7 @@ nsHTMLFrameInnerFrame::DoLoadURL(nsIPresContext* aPresContext) nsCOMPtr newURI; rv = NS_NewURI(getter_AddRefs(newURI), absURL, baseURI); NS_ENSURE_SUCCESS(rv, rv); - rv = secMan->CheckLoadURI(referrer, newURI, PR_FALSE); + rv = secMan->CheckLoadURI(referrer, newURI, nsIScriptSecurityManager::STANDARD); if (NS_FAILED(rv)) return rv; // We're not diff --git a/layout/html/document/src/nsHTMLContentSink.cpp b/layout/html/document/src/nsHTMLContentSink.cpp index d2b9f9d78d85..fd52e4517e3c 100644 --- a/layout/html/document/src/nsHTMLContentSink.cpp +++ b/layout/html/document/src/nsHTMLContentSink.cpp @@ -3665,7 +3665,7 @@ HTMLContentSink::ProcessBaseHref(const nsString& aBaseHref) nsCOMPtr baseHrefURI; rv = NS_NewURI(getter_AddRefs(baseHrefURI), aBaseHref, nsnull); if (NS_FAILED(rv)) return; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, baseHrefURI, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, baseHrefURI, nsIScriptSecurityManager::STANDARD); if (NS_FAILED(rv)) return; if (nsnull == mBody) { // still in real HEAD @@ -4355,7 +4355,7 @@ HTMLContentSink::ProcessMETATag(const nsIParserNode& aNode) if (NS_SUCCEEDED(rv)) { rv = securityManager->CheckLoadURI(baseURI, uri, - PR_TRUE); + nsIScriptSecurityManager::DISALLOW_FROM_MAIL); if (NS_SUCCEEDED(rv)) { nsCOMPtr reefer = do_QueryInterface(mWebShell); @@ -4934,7 +4934,7 @@ HTMLContentSink::ProcessSCRIPTTag(const nsIParserNode& aNode) NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_FAILED(rv)) return rv; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, mScriptURI, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, mScriptURI, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) return rv; diff --git a/layout/html/forms/src/nsFormFrame.cpp b/layout/html/forms/src/nsFormFrame.cpp index 1caf0bcfa66b..ba2bae1e1dbd 100644 --- a/layout/html/forms/src/nsFormFrame.cpp +++ b/layout/html/forms/src/nsFormFrame.cpp @@ -787,7 +787,7 @@ nsFormFrame::OnSubmit(nsIPresContext* aPresContext, nsIFrame* aFrame) result = NS_NewURI(getter_AddRefs(actionURL), href, docURL); if (NS_SUCCEEDED(result)) { - result = securityManager->CheckLoadURI(docURL, actionURL, PR_FALSE); + result = securityManager->CheckLoadURI(docURL, actionURL, nsIScriptSecurityManager::STANDARD); if (NS_FAILED(result)) return result; } diff --git a/layout/html/style/src/nsCSSLoader.cpp b/layout/html/style/src/nsCSSLoader.cpp index da1b1318e91d..4d7ca1cf4e9f 100644 --- a/layout/html/style/src/nsCSSLoader.cpp +++ b/layout/html/style/src/nsCSSLoader.cpp @@ -1330,7 +1330,7 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement, nsIURI* docURI; rv = mDocument->GetBaseURL(docURI); if (NS_FAILED(rv) || !docURI) return NS_ERROR_FAILURE; - rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); + rv = secMan->CheckLoadURI(docURI, aURL, nsIScriptSecurityManager::ALLOW_CHROME); NS_IF_RELEASE(docURI); if (NS_FAILED(rv)) return NS_ERROR_FAILURE; diff --git a/layout/style/nsCSSLoader.cpp b/layout/style/nsCSSLoader.cpp index da1b1318e91d..4d7ca1cf4e9f 100644 --- a/layout/style/nsCSSLoader.cpp +++ b/layout/style/nsCSSLoader.cpp @@ -1330,7 +1330,7 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement, nsIURI* docURI; rv = mDocument->GetBaseURL(docURI); if (NS_FAILED(rv) || !docURI) return NS_ERROR_FAILURE; - rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); + rv = secMan->CheckLoadURI(docURI, aURL, nsIScriptSecurityManager::ALLOW_CHROME); NS_IF_RELEASE(docURI); if (NS_FAILED(rv)) return NS_ERROR_FAILURE; diff --git a/layout/xml/content/src/nsXMLElement.cpp b/layout/xml/content/src/nsXMLElement.cpp index 333c39919032..365c3bc64062 100644 --- a/layout/xml/content/src/nsXMLElement.cpp +++ b/layout/xml/content/src/nsXMLElement.cpp @@ -293,7 +293,7 @@ static nsresult CheckLoadURI(nsIURI *aBaseURI, const nsAReadableString& aURI, ns if (NS_SUCCEEDED(rv)) { rv= securityManager->CheckLoadURI(aBaseURI, *aAbsURI, - PR_TRUE); + nsIScriptSecurityManager::DISALLOW_FROM_MAIL); } } diff --git a/layout/xml/document/src/nsXMLContentSink.cpp b/layout/xml/document/src/nsXMLContentSink.cpp index 3d3b812511da..86d1b74153ec 100644 --- a/layout/xml/document/src/nsXMLContentSink.cpp +++ b/layout/xml/document/src/nsXMLContentSink.cpp @@ -1730,7 +1730,7 @@ nsXMLContentSink::ProcessStartSCRIPTTag(const nsIParserNode& aNode) NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_FAILED(rv)) return rv; - rv = securityManager->CheckLoadURI(mDocumentBaseURL, url, PR_FALSE); + rv = securityManager->CheckLoadURI(mDocumentBaseURL, url, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) return rv; diff --git a/modules/libpref/src/init/all.js b/modules/libpref/src/init/all.js index d16194130473..792e616fe1bc 100644 --- a/modules/libpref/src/init/all.js +++ b/modules/libpref/src/init/all.js @@ -189,9 +189,19 @@ pref("capability.policy.default.history.next.read", "UniversalBrowserRead"); pref("capability.policy.default.history.previous.read", "UniversalBrowserRead"); pref("capability.policy.default.history.item.read", "UniversalBrowserRead"); +pref("capability.policy.default.location.hash.write", "allAccess"); +pref("capability.policy.default.location.host.write", "allAccess"); +pref("capability.policy.default.location.hostname.write", "allAccess"); +pref("capability.policy.default.location.href.write", "allAccess"); +pref("capability.policy.default.location.pathname.write", "allAccess"); +pref("capability.policy.default.location.port.write", "allAccess"); +pref("capability.policy.default.location.protocol.write", "allAccess"); +pref("capability.policy.default.location.search.write", "allAccess"); + pref("capability.policy.default.navigator.preference.read", "UniversalPreferencesRead"); pref("capability.policy.default.navigator.preference.write", "UniversalPreferencesWrite"); pref("capability.policy.default.windowinternal.location.write", "allAccess"); +pref("capability.policy.default.windowinternal.opendialog", "noAccess"); localDefPref("ghist.expires.pos", 4); diff --git a/netwerk/protocol/http/src/nsHTTPChannel.cpp b/netwerk/protocol/http/src/nsHTTPChannel.cpp index ed187a2ee9c1..2687c1180611 100644 --- a/netwerk/protocol/http/src/nsHTTPChannel.cpp +++ b/netwerk/protocol/http/src/nsHTTPChannel.cpp @@ -1757,7 +1757,7 @@ nsresult nsHTTPChannel::Redirect(const char *aNewLocation, NS_WITH_SERVICE(nsIScriptSecurityManager, securityManager, NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_FAILED(rv)) return rv; - rv = securityManager->CheckLoadURI(mOriginalURI ? mOriginalURI : mURI, newURI, PR_TRUE); + rv = securityManager->CheckLoadURI(mOriginalURI ? mOriginalURI : mURI, newURI, nsIScriptSecurityManager::DISALLOW_FROM_MAIL); if (NS_FAILED(rv)) return rv; } diff --git a/rdf/chrome/src/nsChromeProtocolHandler.cpp b/rdf/chrome/src/nsChromeProtocolHandler.cpp index 0d76abd76d3c..4d8b47de1dde 100644 --- a/rdf/chrome/src/nsChromeProtocolHandler.cpp +++ b/rdf/chrome/src/nsChromeProtocolHandler.cpp @@ -724,7 +724,8 @@ nsChromeProtocolHandler::NewChannel(nsIURI* aURI, nsCOMPtr url = do_QueryInterface(aURI); nsXPIDLCString fileExtension; rv = url->GetFileExtension(getter_Copies(fileExtension)); - if (PL_strcmp(fileExtension, "xul") == 0) + if (PL_strcasecmp(fileExtension, "xul") == 0 || PL_strcasecmp(fileExtension, "html") == 0 || + PL_strcasecmp(fileExtension, "xml") == 0) { NS_WITH_SERVICE(nsIScriptSecurityManager, securityManager, NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);