Bug 1222924 - stop allowing webpages to link to moz-icon: , r=mrbkap

MozReview-Commit-ID: FKEDboWIfFQ

--HG--
extra : rebase_source : 801317b5746c6e84431c6a8f2097b83523646016
Gijs Kruitbosch 2017-11-22 21:31:41 +00:00
Родитель d572b0ccc3
Коммит e77ee731e9
4 изменённых файлов: 19 добавлений и 30 удалений


@ -688,6 +688,15 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
// exception for foo: linking to view-source:foo for reftests...
return NS_OK;
}
else if (sourceScheme.EqualsIgnoreCase("file") &&
targetScheme.EqualsIgnoreCase("moz-icon"))
{
// exception for file: linking to moz-icon://.ext?size=...
// Note that because targetScheme is the base (innermost) URI scheme,
// this does NOT allow file -> moz-icon:file:///... links.
// This is intentional.
return NS_OK;
}
// Check for webextension
rv = NS_URIChainHasFlags(aTargetURI,
@ -837,12 +846,6 @@ nsScriptSecurityManager::CheckLoadURIFlags(nsIURI *aSourceURI,
NS_ENSURE_SUCCESS(rv, rv);
if (hasFlags) {
if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) {
// For now, don't change behavior for moz-icon:// and just allow it.
if (!targetScheme.EqualsLiteral("chrome")
&& !targetScheme.EqualsLiteral("resource")) {
return NS_OK;
}
// Allow a URI_IS_UI_RESOURCE source to link to a URI_IS_UI_RESOURCE
// target if ALLOW_CHROME is set.
//
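Review bot: The new `file` → `moz-icon` branch in CheckLoadURIWithPrincipal returns `NS_OK` ahead of the checks that follow it, so the exception applies regardless of the caller's load flags. The comment should say that this is intended and why file: pages still need the load. It also explains that targetScheme is the innermost scheme but says nothing about sourceScheme; if that is taken from the innermost URI too, nested sources whose base is file: would inherit the exception, which is worth confirming and recording. A suggested addition is `// Only file: sources get this; http(s) content falls through to the flag checks below and is denied.` The function bodies begin and end outside both hunks.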


@ -18,7 +18,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
"javascript",
"mailto",
"resource",
"moz-icon",
"wss"
-->
@ -70,18 +69,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
testContent.appendChild(resource_script);
// Test 4: moz-icon within an img tag
var image=document.createElement("img");
image.src = "moz-icon://dummy.exe?size=16";
image.onload = function() {
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol loaded"}, "http://mochi.test:8888");
}
image.onerror = function() {
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol did not load"}, "http://mochi.test:8888");
}
// We don't need to append the image to the document. Doing so causes the image test to run twice.
// Test 5: about unsafe protocol within an iframe
// Test 4: about unsafe protocol within an iframe
var unsafe_about_frame = document.createElement("iframe");
unsafe_about_frame.src = "about:config";
unsafe_about_frame.name = "unsafe_about_protocol";
@ -93,7 +81,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
}
testContent.appendChild(unsafe_about_frame);
// Test 6: data protocol within a script tag
// Test 5: data protocol within a script tag
var x = 2;
var newscript = document.createElement("script");
newscript.src= "data:text/javascript,var x = 4;";
@ -105,7 +93,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
}
testContent.appendChild(newscript);
// Test 7: mailto protocol
// Test 6: mailto protocol
let mm = SpecialPowers.loadChromeScript(function launchHandler() {
var { classes: Cc, interfaces: Ci } = Components;
var ioService = Cc["@mozilla.org/network/io-service;1"].
@ -160,7 +148,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
mailtoProtocolStatus();
// Test 8: wss protocol
// Test 7: wss protocol
var wss;
wss = new WebSocket("wss://example.com/tests/dom/security/test/mixedcontentblocker/file_main_bug803225_websocket");
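Review bot: The moz-icon case is deleted from this test page (old Test 4) and from the harness file's `testsToRun` entry and `case "mozicon"` branch rather than inverted. As far as these hunks show, nothing now asserts that web content can no longer load `moz-icon:`, which is the behaviour this commit enforces. Keeping the `<img>` probe and flipping the expectation, as the `unsafe_about` case already does, would catch a regression that re-opens the scheme. In the harness that would read `ok(event.data.msg == "resource with mozicon protocol did not load", "resource with mozicon protocol loaded");`, with `mozicon: false` kept in `testsToRun`. Whether `onerror` fires reliably for a blocked image in this frame is an assumption to confirm.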


@ -36,7 +36,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
var testsToRun = {
/* https - Tests already run as part of bug 62178. */
about: false,
mozicon: false,
resource: false,
unsafe_about: false,
data_protocol: false,
@ -100,11 +99,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=803225
testsToRun["resource"] = true;
break;
case "mozicon":
ok(event.data.msg == "resource with mozicon protocol loaded", "resource with mozicon protocol did not load");
testsToRun["mozicon"] = true;
break;
case "unsafe_about":
// This one should not load
ok(event.data.msg == "resource with unsafe about protocol did not load", "resource with unsafe about protocol loaded");


@ -87,7 +87,9 @@ fuzzy(20,999) != downscale-2c.html?205,53,bottom about:blank
fuzzy(20,999) != downscale-2d.html?205,53,bottom about:blank
fuzzy(20,999) fails-if(OSX>=1008&&!skiaContent) != downscale-2e.html?205,53,bottom about:blank
fuzzy(71,3391) skip-if(/^Linux\x20i686/.test(http.oscpu)) == downscale-moz-icon-1.html downscale-moz-icon-1-ref.html # linux32 timeout, bug 1328771
# Skip on Android because it runs reftests via http, and moz-icon isn't
# accessible from http/https origins anymore.
fuzzy(71,3391) skip-if(Android||/^Linux\x20i686/.test(http.oscpu)) == downscale-moz-icon-1.html downscale-moz-icon-1-ref.html # linux32 timeout, bug 1328771
== downscale-png.html?16,16,interlaced downscale-png.html?16,16,normal
== downscale-png.html?24,24,interlaced downscale-png.html?24,24,normal
@ -171,7 +173,9 @@ fuzzy(20,999) != downscale-2e.html?205,53,bottom about:blank
fuzzy(20,999) != downscale-2f.html?205,53,bottom about:blank
# Skip on WinXP with skia content
fuzzy(77,4439) fails-if(/^Windows\x20NT\x205\.1/.test(http.oscpu)) skip-if(/^Linux\x20i686/.test(http.oscpu)) == downscale-moz-icon-1.html downscale-moz-icon-1-ref.html # linux32 timeout, bug 1328771
# Skip on Android because it runs reftests via http, and moz-icon isn't
# accessible from http/https origins anymore.
fuzzy(77,4439) fails-if(/^Windows\x20NT\x205\.1/.test(http.oscpu)) skip-if(Android||/^Linux\x20i686/.test(http.oscpu)) == downscale-moz-icon-1.html downscale-moz-icon-1-ref.html # linux32 timeout, bug 1328771
== downscale-png.html?16,16,interlaced downscale-png.html?16,16,normal
== downscale-png.html?24,24,interlaced downscale-png.html?24,24,normal