зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1344706 - Do not reuse originPrincipal as triggeringPrincipal within utilityOverlay.js. r=gijs
This commit is contained in:
Родитель
e0b947bce4
Коммит
a40ae7abe5
|
@ -1340,6 +1340,7 @@ var gBrowserInit = {
|
|||
// [5]: referrerPolicy (int)
|
||||
// [6]: userContextId (int)
|
||||
// [7]: originPrincipal (nsIPrincipal)
|
||||
// [8]: triggeringPrincipal (nsIPrincipal)
|
||||
let referrerURI = window.arguments[2];
|
||||
if (typeof(referrerURI) == "string") {
|
||||
try {
|
||||
|
@ -1356,7 +1357,7 @@ var gBrowserInit = {
|
|||
window.arguments[4] || false, referrerPolicy, userContextId,
|
||||
// pass the origin principal (if any) and force its use to create
|
||||
// an initial about:blank viewer if present:
|
||||
window.arguments[7], !!window.arguments[7]);
|
||||
window.arguments[7], !!window.arguments[7], window.arguments[8]);
|
||||
window.focus();
|
||||
} else {
|
||||
// Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3.
|
||||
|
@ -2248,7 +2249,8 @@ function BrowserTryToCloseWindow() {
|
|||
}
|
||||
|
||||
function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy,
|
||||
userContextId, originPrincipal, forceAboutBlankViewerInCurrent) {
|
||||
userContextId, originPrincipal, forceAboutBlankViewerInCurrent,
|
||||
triggeringPrincipal) {
|
||||
try {
|
||||
openLinkIn(uri, "current",
|
||||
{ referrerURI: referrer,
|
||||
|
@ -2257,6 +2259,7 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy,
|
|||
allowThirdPartyFixup,
|
||||
userContextId,
|
||||
originPrincipal,
|
||||
triggeringPrincipal,
|
||||
forceAboutBlankViewerInCurrent,
|
||||
});
|
||||
} catch (e) {}
|
||||
|
@ -5782,6 +5785,7 @@ function handleLinkClick(event, href, linkNode) {
|
|||
referrerPolicy,
|
||||
noReferrer: BrowserUtils.linkHasNoReferrer(linkNode),
|
||||
originPrincipal: doc.nodePrincipal,
|
||||
triggeringPrincipal: doc.nodePrincipal,
|
||||
frameOuterWindowID,
|
||||
};
|
||||
|
||||
|
|
|
@ -578,6 +578,7 @@ var ClickEventHandler = {
|
|||
} catch (e) {}
|
||||
}
|
||||
json.originPrincipal = ownerDoc.nodePrincipal;
|
||||
json.triggeringPrincipal = ownerDoc.nodePrincipal;
|
||||
|
||||
sendAsyncMessage("Content:Click", json);
|
||||
return;
|
||||
|
|
|
@ -985,6 +985,7 @@ nsContextMenu.prototype = {
|
|||
_openLinkInParameters(extra) {
|
||||
let params = { charset: gContextMenuContentData.charSet,
|
||||
originPrincipal: this.principal,
|
||||
triggeringPrincipal: this.principal,
|
||||
referrerURI: gContextMenuContentData.documentURIObject,
|
||||
referrerPolicy: gContextMenuContentData.referrerPolicy,
|
||||
frameOuterWindowID: gContextMenuContentData.frameOuterWindowID,
|
||||
|
@ -1174,7 +1175,7 @@ nsContextMenu.prototype = {
|
|||
this._canvasToBlobURL(this.target).then(function(blobURL) {
|
||||
openUILink(blobURL, e, { disallowInheritPrincipal: true,
|
||||
referrerURI,
|
||||
originPrincipal: systemPrincipal});
|
||||
triggeringPrincipal: systemPrincipal});
|
||||
}, Cu.reportError);
|
||||
} else {
|
||||
urlSecurityCheck(this.mediaURL,
|
||||
|
|
|
@ -220,6 +220,7 @@ function openLinkIn(url, where, params) {
|
|||
var aUserContextId = params.userContextId;
|
||||
var aIndicateErrorPageLoad = params.indicateErrorPageLoad;
|
||||
var aPrincipal = params.originPrincipal;
|
||||
var aTriggeringPrincipal = params.triggeringPrincipal;
|
||||
var aForceAboutBlankViewerInCurrent =
|
||||
params.forceAboutBlankViewerInCurrent;
|
||||
|
||||
|
@ -267,6 +268,15 @@ function openLinkIn(url, where, params) {
|
|||
};
|
||||
aPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(aPrincipal.URI, attrs);
|
||||
}
|
||||
if (aTriggeringPrincipal && aTriggeringPrincipal.isCodebasePrincipal) {
|
||||
let attrs = {
|
||||
userContextId: aUserContextId,
|
||||
privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)),
|
||||
};
|
||||
aTriggeringPrincipal =
|
||||
Services.scriptSecurityManager.createCodebasePrincipal(aTriggeringPrincipal.URI, attrs);
|
||||
}
|
||||
|
||||
|
||||
if (!w || where == "window") {
|
||||
// This propagates to window.arguments.
|
||||
|
@ -311,6 +321,7 @@ function openLinkIn(url, where, params) {
|
|||
sa.appendElement(referrerPolicySupports, /* weak =*/ false);
|
||||
sa.appendElement(userContextIdSupports, /* weak =*/ false);
|
||||
sa.appendElement(aPrincipal, /* weak =*/ false);
|
||||
sa.appendElement(aTriggeringPrincipal, /* weak =*/ false);
|
||||
|
||||
let features = "chrome,dialog=no,all";
|
||||
if (aIsPrivate) {
|
||||
|
@ -414,7 +425,7 @@ function openLinkIn(url, where, params) {
|
|||
}
|
||||
|
||||
targetBrowser.loadURIWithFlags(url, {
|
||||
triggeringPrincipal: aPrincipal,
|
||||
triggeringPrincipal: aTriggeringPrincipal,
|
||||
flags,
|
||||
referrerURI: aNoReferrer ? null : aReferrerURI,
|
||||
referrerPolicy: aReferrerPolicy,
|
||||
|
@ -439,7 +450,7 @@ function openLinkIn(url, where, params) {
|
|||
noReferrer: aNoReferrer,
|
||||
userContextId: aUserContextId,
|
||||
originPrincipal: aPrincipal,
|
||||
triggeringPrincipal: aPrincipal,
|
||||
triggeringPrincipal: aTriggeringPrincipal,
|
||||
});
|
||||
targetBrowser = tabUsedForLoad.linkedBrowser;
|
||||
|
||||
|
|
|
@ -85,6 +85,7 @@ var ContentClick = {
|
|||
allowMixedContent: json.allowMixedContent,
|
||||
isContentWindowPrivate: json.isContentWindowPrivate,
|
||||
originPrincipal: json.originPrincipal,
|
||||
triggeringPrincipal: json.triggeringPrincipal,
|
||||
frameOuterWindowID: json.frameOuterWindowID,
|
||||
};
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче