Backed out changeset 69fb2fc61535 (bug 1329288)

This commit is contained in:
Sebastian Hengst 2017-01-22 13:09:48 +01:00
Родитель 6fb7a3b9ca
Коммит a692f05c85
3 изменённых файлов: 3 добавлений и 26 удалений

Просмотреть файл

@ -139,7 +139,6 @@
#include "nsISiteSecurityService.h"
#include "nsStructuredCloneContainer.h"
#include "nsIStructuredCloneContainer.h"
#include "nsISupportsPrimitives.h"
#ifdef MOZ_PLACES
#include "nsIFaviconService.h"
#include "mozIPlacesPendingOperation.h"
@ -9884,24 +9883,13 @@ nsDocShell::InternalLoad(nsIURI* aURI,
#endif
}
// Since Content Policy checks are performed within docShell as well as
// the ContentSecurityManager we need a reliable way to let certain
// nsIContentPolicy consumers ignore duplicate calls. Let's use the 'extra'
// argument to pass a specific identifier.
nsCOMPtr<nsISupportsString> extraStr =
do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
NS_NAMED_LITERAL_STRING(msg, "conPolCheckFromDocShell");
rv = extraStr->SetData(msg);
NS_ENSURE_SUCCESS(rv, rv);
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(contentType,
aURI,
aTriggeringPrincipal,
requestingContext,
EmptyCString(), // mime guess
extraStr, // extra
nullptr, // extra
&shouldLoad);
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {

Просмотреть файл

@ -168,10 +168,9 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
}
}
// aExtra holds the original URI of the channel if the
// channel got redirected (until we fix Bug 1332422).
// aExtra is only non-null if the channel got redirected.
bool wasRedirected = (aExtra != nullptr);
nsCOMPtr<nsIURI> originalURI = do_QueryInterface(aExtra);
bool wasRedirected = originalURI;
bool permitted = permitsInternal(dir,
aContentLocation,

Просмотреть файл

@ -80,16 +80,6 @@ var ContentPolicy = {
shouldLoad(policyType, contentLocation, requestOrigin,
node, mimeTypeGuess, extra, requestPrincipal) {
// Loads of TYPE_DOCUMENT and TYPE_SUBDOCUMENT perform a ConPol check
// within docshell as well as within the ContentSecurityManager. To avoid
// duplicate evaluations we ignore ConPol checks performed within docShell.
if (extra instanceof Ci.nsISupportsString) {
if (extra.data === "conPolCheckFromDocShell") {
return Ci.nsIContentPolicy.ACCEPT;
}
}
if (requestPrincipal &&
Services.scriptSecurityManager.isSystemPrincipal(requestPrincipal)) {
return Ci.nsIContentPolicy.ACCEPT;