mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 22:01:30 +00:00
Bug 285438 Drag and drop gestures can be hijacked to load priviliged xul - xpfe/toolkit trunk patch v2.0
p=jst/me r=neil.parkwaycc.co.uk sr=bzbarsky a=benjamin
This commit is contained in:
parent
c91036673c
commit
f4c3fb811c
@ -172,7 +172,12 @@ var goButtonObserver = {
|
||||
var xferData = aXferData.data.split("\n");
|
||||
var uri = xferData[0] ? xferData[0] : xferData[1];
|
||||
if (uri)
|
||||
loadURI(uri);
|
||||
{
|
||||
// Perform a security check before loading the URI
|
||||
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, uri);
|
||||
|
||||
loadURI(uri);
|
||||
}
|
||||
},
|
||||
getSupportedFlavours: function ()
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user