Fixing bug 78831 - treat chrome and resource URLs the same in the

URL loading check and give them access to each other. r=pavlov, sr=brendan. This allows us to turn on the fix (already reviewed) for 69070.
2001-05-15 22:47:21 +00:00 · 2001-05-15 22:47:21 +00:00 · f9c13993e0
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -686,7 +686,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
        { "aim",             AllowProtocol  },
        { "data",            AllowProtocol  },
        { "keyword",         DenyProtocol   },
-        { "resource",        DenyProtocol   },
+        { "resource",        ChromeProtocol },
        { "gopher",          AllowProtocol  },
        { "datetime",        DenyProtocol   },
        { "finger",          AllowProtocol  },
@ -707,8 +707,13 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
                mPrefs->GetBoolPref("security.checkloaduri", &doCheck);
                return doCheck ? ReportErrorToConsole(aTargetURI) : NS_OK;
            case ChromeProtocol:
-                return (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) ?
-                    NS_OK : ReportErrorToConsole(aTargetURI);
+                if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME)
+                    return NS_OK;
+                // resource: and chrome: are equivalent, securitywise
+                if ((PL_strcmp(sourceScheme, "chrome") == 0) ||
+                    (PL_strcmp(sourceScheme, "resource") == 0))
+                    return NS_OK;
+                return ReportErrorToConsole(aTargetURI);
            case AboutProtocol:
                // Allow loading about:blank, otherwise deny
                if(NS_FAILED(targetUri->GetSpec(getter_Copies(targetSpec))))
--- a/layout/generic/nsImageFrame.cpp
+++ b/layout/generic/nsImageFrame.cpp
@ -1461,7 +1461,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
 {
  PRBool shouldLoad = PR_TRUE; // default permit

-#if 0
  nsCOMPtr<nsIScriptSecurityManager> securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));

  if (securityManager) {
@ -1472,7 +1471,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
    if (NS_FAILED(proceed))
      return PR_FALSE;
  }
-#endif

  // XXX leave this if 0'd until there is a good way to test it.
 #if 0
--- a/layout/html/base/src/nsImageFrame.cpp
+++ b/layout/html/base/src/nsImageFrame.cpp
@ -1461,7 +1461,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
 {
  PRBool shouldLoad = PR_TRUE; // default permit

-#if 0
  nsCOMPtr<nsIScriptSecurityManager> securityManager(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));

  if (securityManager) {
@ -1472,7 +1471,6 @@ nsImageFrame::CanLoadImage(nsIURI *aURI)
    if (NS_FAILED(proceed))
      return PR_FALSE;
  }
-#endif

  // XXX leave this if 0'd until there is a good way to test it.
 #if 0