mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1497209: Apply Meta CSP to about:sessionrestore and about:welcomeback. r=Gijs,vporof 

Differential Revision: https://phabricator.services.mozilla.com/D38081

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Christoph Kerschbaumer 2019-07-17 11:22:35 +00:00
Родитель 4891262c8d
Коммит 110a817c1a
5 изменённых файлов: 47 добавлений и 35 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

9
browser/components/migration/content/aboutWelcomeBack.xhtml
Просмотреть файл

@ -11,6 +11,7 @@
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src chrome: resource:; img-src chrome: resource: data:" />
<title data-l10n-id="welcome-back-tab-title"></title>
<link rel="stylesheet" href="chrome://global/skin/in-content/info-pages.css" type="text/css" media="all"/>
<link rel="stylesheet" href="chrome://browser/skin/aboutWelcomeBack.css" type="text/css" media="all"/>
@ -50,8 +51,7 @@
</div>
<div class="tree-container">
<xul:tree id="tabList" flex="1" seltype="single" hidecolumnpicker="true"
onclick="onListClick(event);" onkeydown="onListKeyDown(event);">
<xul:tree id="tabList" flex="1" seltype="single" hidecolumnpicker="true">
<xul:treecols>
<xul:treecol cycler="true" id="restore" type="checkbox" data-l10n-id="restore-page-restore-header"/>
<xul:splitter class="tree-splitter"/>
@ -64,11 +64,10 @@
<div class="button-container">
<xul:button class="primary"
id="errorTryAgain"
data-l10n-id="welcome-back-restore-button"
oncommand="restoreSession();"/>
data-l10n-id="welcome-back-restore-button"/>
</div>
<input type="text" id="sessionData" style="display: none;"/>
<input type="text" id="sessionData" hidden="true"/>
</div>
</body>

19
browser/components/sessionstore/content/aboutSessionRestore.js
Просмотреть файл

@ -49,11 +49,26 @@ window.onload = function() {
}
}
var tabListTree = document.getElementById("tabList");
tabListTree.addEventListener("click", onListClick);
tabListTree.addEventListener("keydown", onListKeyDown);
var errorCancelButton = document.getElementById("errorCancel");
// aboutSessionRestore.js is included aboutSessionRestore.xhtml
// and aboutWelcomeBack.xhtml, but the latter does not have an
// errorCancel button.
if (errorCancelButton) {
errorCancelButton.addEventListener("command", startNewSession);
}
var errorTryAgainButton = document.getElementById("errorTryAgain");
errorTryAgainButton.addEventListener("command", restoreSession);
// the crashed session state is kept inside a textbox so that SessionStore picks it up
// (for when the tab is closed or the session crashes right again)
var sessionData = document.getElementById("sessionData");
if (!sessionData.value) {
document.getElementById("errorTryAgain").disabled = true;
errorTryAgainButton.disabled = true;
return;
}
@ -66,7 +81,7 @@ window.onload = function() {
initTreeView();
document.getElementById("errorTryAgain").focus();
errorTryAgainButton.focus();
};
function isTreeViewVisible() {

18
browser/components/sessionstore/content/aboutSessionRestore.xhtml
Просмотреть файл

@ -11,6 +11,7 @@
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<head>
<meta http-equiv="Content-Security-Policy" content="default-src chrome: resource:; img-src chrome: resource: data:" />
<title data-l10n-id="restore-page-tab-title"></title>
<link rel="stylesheet" href="chrome://global/skin/in-content/info-pages.css" type="text/css" media="all"/>
<link rel="stylesheet" href="chrome://browser/skin/aboutSessionRestore.css" type="text/css" media="all"/>
@ -40,8 +41,7 @@
</button>
</div>
<div class="tree-container" available="true">
<xul:tree id="tabList" seltype="single" hidecolumnpicker="true"
onclick="onListClick(event);" onkeydown="onListKeyDown(event);">
<xul:tree id="tabList" seltype="single" hidecolumnpicker="true">
<xul:treecols>
<xul:treecol cycler="true" id="restore" type="checkbox" data-l10n-id="restore-page-restore-header"/>
<xul:splitter class="tree-splitter"/>
@ -53,24 +53,20 @@
<div class="button-container">
#ifdef XP_UNIX
<xul:button id="errorCancel"
data-l10n-id="restore-page-close-button"
oncommand="startNewSession();"/>
data-l10n-id="restore-page-close-button"/>
<xul:button class="primary"
id="errorTryAgain"
data-l10n-id="restore-page-try-again-button"
oncommand="restoreSession();"/>
data-l10n-id="restore-page-try-again-button"/>
#else
<xul:button class="primary"
id="errorTryAgain"
data-l10n-id="restore-page-try-again-button"
oncommand="restoreSession();"/>
data-l10n-id="restore-page-try-again-button"/>
<xul:button id="errorCancel"
data-l10n-id="restore-page-close-button"
oncommand="startNewSession();"/>
data-l10n-id="restore-page-close-button"/>
#endif
</div>
<!-- holds the session data for when the tab is closed -->
<input type="text" id="sessionData" style="display: none;"/>
<input type="text" id="sessionData" hidden="true"/>
</div>
</body>

2
modules/libpref/init/all.js
Просмотреть файл

@ -2461,7 +2461,7 @@ pref("security.dialog_enable_delay", 1000);
pref("security.notification_enable_delay", 500);
#if defined(DEBUG) && !defined(ANDROID)
pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,addons,config,downloads,home,newtab,preferences,sessionrestore,sync-log,welcomeback");
pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,addons,config,downloads,home,newtab,preferences,sync-log");
// the following prefs are for testing purposes only.
pref("csp.overrule_about_uris_without_csp_whitelist", false);
pref("csp.skip_about_page_has_csp_assert", false);

34
toolkit/content/widgets/tree.js
Просмотреть файл

@ -583,10 +583,8 @@
) {
constructor() {
super();
this.attachShadow({ mode: "open" });
this.shadowRoot.appendChild(
MozXULElement.parseXULToFragment(`
let fragment = MozXULElement.parseXULToFragment(`
<html:link rel="stylesheet" href="chrome://global/content/widgets.css" />
<html:slot name="treecols"></html:slot>
<stack class="tree-stack" flex="1">
@ -596,24 +594,28 @@
</hbox>
<scrollbar height="0" minwidth="0" minheight="0" orient="vertical"
class="hidevscroll-scrollbar"
style="position:relative; z-index:2147483647;"
oncontextmenu="event.stopPropagation(); event.preventDefault();"
onclick="event.stopPropagation(); event.preventDefault();"
ondblclick="event.stopPropagation();"
oncommand="event.stopPropagation();"></scrollbar>
style="position:relative; z-index:2147483647;"></scrollbar>
</hbox>
<textbox class="tree-input" left="0" top="0" hidden="true"></textbox>
</stack>
<hbox class="hidehscroll-box">
<scrollbar orient="horizontal" flex="1" increment="16" style="position:relative; z-index:2147483647;" oncontextmenu="event.stopPropagation(); event.preventDefault();" onclick="event.stopPropagation(); event.preventDefault();" ondblclick="event.stopPropagation();" oncommand="event.stopPropagation();"></scrollbar>
<scrollcorner class="hidevscroll-scrollcorner"
oncontextmenu="event.stopPropagation(); event.preventDefault();"
onclick="event.stopPropagation(); event.preventDefault();"
ondblclick="event.stopPropagation();"
oncommand="event.stopPropagation();"></scrollcorner>
<scrollbar orient="horizontal" flex="1" increment="16" style="position:relative; z-index:2147483647;"></scrollbar>
<scrollcorner class="hidevscroll-scrollcorner"></scrollcorner>
</hbox>
`)
);
`);
let handledElements = fragment.querySelectorAll("scrollbar,scrollcorner");
let stopAndPrevent = e => {
e.stopPropagation();
e.preventDefault();
};
let stopProp = e => e.stopPropagation();
for (let el of handledElements) {
el.addEventListener("click", stopAndPrevent);
el.addEventListener("contextmenu", stopAndPrevent);
el.addEventListener("dblclick", stopProp);
el.addEventListener("command", stopProp);
}
this.shadowRoot.appendChild(fragment);
}
static get inheritedAttributes() {