зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1378377 Part 2: Run file://URI whitelisted domains in a file content process. r=Gijs
This commit is contained in:
Родитель
9fe7a4201d
Коммит
8cd9bf78f8
|
@ -47,6 +47,13 @@ const LARGE_ALLOCATION_REMOTE_TYPE = "webLargeAllocation";
|
|||
const DEFAULT_REMOTE_TYPE = WEB_REMOTE_TYPE;
|
||||
|
||||
function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
|
||||
// If the domain is whitelisted to allow it to use file:// URIs, then we have
|
||||
// to run it in a file content process, in case it uses file:// sub-resources.
|
||||
const sm = Services.scriptSecurityManager;
|
||||
if (sm.inFileURIWhitelist(aTargetUri)) {
|
||||
return FILE_REMOTE_TYPE;
|
||||
}
|
||||
|
||||
if (!aPreferredRemoteType) {
|
||||
return WEB_REMOTE_TYPE;
|
||||
}
|
||||
|
@ -60,7 +67,6 @@ function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
|
|||
// If aCurrentUri is passed then we should only allow FILE_REMOTE_TYPE
|
||||
// when it is same origin as target.
|
||||
if (aCurrentUri) {
|
||||
const sm = Services.scriptSecurityManager;
|
||||
try {
|
||||
// checkSameOriginURI throws when not same origin.
|
||||
sm.checkSameOriginURI(aCurrentUri, aTargetUri, false);
|
||||
|
|
Загрузка…
Ссылка в новой задаче