зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1460685 - Backed out changeset 09ee763947c3 (bug 1352513);r=Gijs
The security.allow_chrome_frames_inside_content pref was added to support XUL extension compat after the hiddenWindow special case was removed in Bug 1145470. Since we don't need to support that use-case anymore, this changeset backs out the change that relanded the special case with the pref. MozReview-Commit-ID: 4keMEIQvt1Y --HG-- extra : rebase_source : 1a9c54c9807eaed2645d0ea03b5064ed7472d7a4
This commit is contained in:
Родитель
ebe89a6878
Коммит
a61cbe6dae
|
@ -980,23 +980,6 @@ nsScriptSecurityManager::CheckLoadURIFlags(nsIURI *aSourceURI,
|
|||
}
|
||||
}
|
||||
|
||||
static bool sCanLoadChromeInContent = false;
|
||||
static bool sCachedCanLoadChromeInContentPref = false;
|
||||
if (!sCachedCanLoadChromeInContentPref) {
|
||||
sCachedCanLoadChromeInContentPref = true;
|
||||
mozilla::Preferences::AddBoolVarCache(&sCanLoadChromeInContent,
|
||||
"security.allow_chrome_frames_inside_content");
|
||||
}
|
||||
if (sCanLoadChromeInContent) {
|
||||
// Special-case the hidden window: it's allowed to load
|
||||
// URI_IS_UI_RESOURCE no matter what. Bug 1145470 tracks removing this.
|
||||
nsAutoCString sourceSpec;
|
||||
if (NS_SUCCEEDED(aSourceBaseURI->GetSpec(sourceSpec)) &&
|
||||
sourceSpec.EqualsLiteral("resource://gre-resources/hiddenWindow.html")) {
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
if (reportErrors) {
|
||||
ReportError(nullptr, errorTag, aSourceURI, aTargetURI);
|
||||
}
|
||||
|
|
|
@ -2519,10 +2519,6 @@ pref("security.cert_pinning.process_headers_from_non_builtin_roots", false);
|
|||
// their protocol with the inner URI of the view-source URI
|
||||
pref("security.view-source.reachable-from-inner-protocol", false);
|
||||
|
||||
// If set to true, in some limited circumstances it may be possible to load
|
||||
// privileged content in frames inside unprivileged content.
|
||||
pref("security.allow_chrome_frames_inside_content", false);
|
||||
|
||||
// Services security settings
|
||||
pref("services.settings.server", "https://firefox.settings.services.mozilla.com/v1");
|
||||
pref("services.settings.changes.path", "/buckets/monitor/collections/changes/records");
|
||||
|
|
Загрузка…
Ссылка в новой задаче