Bug 285438 Drag and drop gestures can be hijacked to load priviliged xul - xpfe/toolkit trunk patch v2.0

p=jst/me r=neil.parkwaycc.co.uk sr=bzbarsky a=benjamin
This commit is contained in:
bugzilla%arlen.demon.co.uk 2006-09-14 06:09:59 +00:00
parent c91036673c
commit f4c3fb811c

View File

@ -172,7 +172,12 @@ var goButtonObserver = {
var xferData = aXferData.data.split("\n");
var uri = xferData[0] ? xferData[0] : xferData[1];
if (uri)
loadURI(uri);
{
// Perform a security check before loading the URI
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, uri);
loadURI(uri);
}
},
getSupportedFlavours: function ()
{