From 09ad3f43eca45282b65bffde5de15af2e061d273 Mon Sep 17 00:00:00 2001
From: "Carsten \"Tomcat\" Book" <cbook@mozilla.com>
Date: Fri, 16 Dec 2016 16:41:22 +0100
Subject: [PATCH] Backed out changeset a6e2d96c1274 (bug 1322565) for eslint
 failure

---
 browser/app/profile/firefox.js                  | 3 +++
 browser/components/feeds/WebContentConverter.js | 6 ++++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index c1e866ff07ea..300c15d4cfd9 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -754,6 +754,9 @@ pref("gecko.handlerService.schemes.ircs.2.uriTemplate", "chrome://browser-region
 pref("gecko.handlerService.schemes.ircs.3.name", "chrome://browser-region/locale/region.properties");
 pref("gecko.handlerService.schemes.ircs.3.uriTemplate", "chrome://browser-region/locale/region.properties");
 
+// By default, we don't want protocol/content handlers to be registered from a different host, see bug 402287
+pref("gecko.handlerService.allowRegisterFromDifferentHost", false);
+
 pref("browser.geolocation.warning.infoURL", "https://www.mozilla.org/%LOCALE%/firefox/geolocation/");
 
 pref("browser.EULA.version", 3);
diff --git a/browser/components/feeds/WebContentConverter.js b/browser/components/feeds/WebContentConverter.js
index 5772dc4be0af..060199d4dc7f 100644
--- a/browser/components/feeds/WebContentConverter.js
+++ b/browser/components/feeds/WebContentConverter.js
@@ -30,6 +30,7 @@ const PREF_SELECTED_WEB = "browser.feeds.handlers.webservice";
 const PREF_SELECTED_ACTION = "browser.feeds.handler";
 const PREF_SELECTED_READER = "browser.feeds.handler.default";
 const PREF_HANDLER_EXTERNAL_PREFIX = "network.protocol-handler.external";
+const PREF_ALLOW_DIFFERENT_HOST = "gecko.handlerService.allowRegisterFromDifferentHost";
 
 const STRING_BUNDLE_URI = "chrome://browser/locale/feeds/subscribe.properties";
 
@@ -157,8 +158,9 @@ const Utils = {
     // We also reject handlers registered from a different host (see bug 402287)
     // The pref allows us to test the feature
     let pb = Services.prefs;
-    if (!["http:", "https:"].includes(aContentWindow.location.protocol) ||
-         aContentWindow.location.hostname != uri.host) {
+    if (!pb.getBoolPref(PREF_ALLOW_DIFFERENT_HOST) &&
+        (!["http:", "https:"].includes(aContentWindow.location.protocol) ||
+         aContentWindow.location.hostname != uri.host)) {
       throw this.getSecurityError(
         "Permission denied to add " + uri.spec + " as a content or protocol handler",
         aContentWindow);