Bug 1403641: Allow data: URI downloads even if data: URI navigations are blocked. r=bz

2017-10-04 08:43:56 +02:00 · 2017-10-04 08:43:56 +02:00 · 04a3ca2e32
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -9967,7 +9967,8 @@ nsDocShell::InternalLoad(nsIURI* aURI,
        aURI,
        contentType,
        aTriggeringPrincipal,
-        (aLoadType == LOAD_NORMAL_EXTERNAL))) {
+        (aLoadType == LOAD_NORMAL_EXTERNAL),
+        !aFileName.IsVoid())) {
    // logging to console happens within AllowTopLevelNavigationToDataURI
    return NS_OK;
  }
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -26,7 +26,8 @@ nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
  nsIURI* aURI,
  nsContentPolicyType aContentPolicyType,
  nsIPrincipal* aTriggeringPrincipal,
-  bool aLoadFromExternal)
+  bool aLoadFromExternal,
+  bool aIsDownLoad)
 {
  // Let's block all toplevel document navigations to a data: URI.
  // In all cases where the toplevel document is navigated to a
@ -39,7 +40,7 @@ nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
  if (!mozilla::net::nsIOService::BlockToplevelDataUriNavigations()) {
    return true;
  }
-  if (aContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT) {
+  if (aContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT || aIsDownLoad) {
    return true;
  }
  bool isDataURI =
@ -590,6 +591,7 @@ nsContentSecurityManager::AsyncOnChannelRedirect(nsIChannel* aOldChannel,
          uri,
          newLoadInfo->GetExternalContentPolicyType(),
          nullTriggeringPrincipal,
+          false,
          false)) {
        // logging to console happens within AllowTopLevelNavigationToDataURI
      aOldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
--- a/dom/security/nsContentSecurityManager.h
+++ b/dom/security/nsContentSecurityManager.h
@ -35,7 +35,8 @@ public:
  static bool AllowTopLevelNavigationToDataURI(nsIURI* aURI,
                                               nsContentPolicyType aContentPolicyType,
                                               nsIPrincipal* aTriggeringPrincipal,
-                                               bool aLoadFromExternal);
+                                               bool aLoadFromExternal,
+                                               bool aIsDownload);

 private:
  static nsresult CheckChannel(nsIChannel* aChannel);