Bug 1378377 Part 2: Run file://URI whitelisted domains in a file content process. r=Gijs

This commit is contained in:
Bob Owen 2017-07-19 09:37:25 +01:00
Родитель 9fe7a4201d
Коммит 8cd9bf78f8
1 изменённых файлов: 7 добавлений и 1 удалений

Просмотреть файл

@ -47,6 +47,13 @@ const LARGE_ALLOCATION_REMOTE_TYPE = "webLargeAllocation";
const DEFAULT_REMOTE_TYPE = WEB_REMOTE_TYPE;
function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
// If the domain is whitelisted to allow it to use file:// URIs, then we have
// to run it in a file content process, in case it uses file:// sub-resources.
const sm = Services.scriptSecurityManager;
if (sm.inFileURIWhitelist(aTargetUri)) {
return FILE_REMOTE_TYPE;
}
if (!aPreferredRemoteType) {
return WEB_REMOTE_TYPE;
}
@ -60,7 +67,6 @@ function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
// If aCurrentUri is passed then we should only allow FILE_REMOTE_TYPE
// when it is same origin as target.
if (aCurrentUri) {
const sm = Services.scriptSecurityManager;
try {
// checkSameOriginURI throws when not same origin.
sm.checkSameOriginURI(aCurrentUri, aTargetUri, false);