Propagate the linking page's principal when a file:// URI links to a file:// URI that it's allowed to read. Bug 435362, r=dveditz, sr=sicking, a=shaver

This commit is contained in:
bzbarsky@mit.edu 2008-05-28 11:01:31 -07:00
Родитель 89eea6277a
Коммит 47d66e4e7d
1 изменённых файлов: 9 добавлений и 9 удалений

Просмотреть файл

@ -6716,21 +6716,21 @@ nsDocShell::InternalLoad(nsIURI * aURI,
nsCOMPtr<nsISupports> owner(aOwner);
//
// Get an owner from the current document if necessary. Note that we only
// do this for URIs that inherit a security context; in particular we do
// NOT do this for about:blank. This way, random about:blank loads that
// have no owner (which basically means they were done by someone from
// chrome manually messing with our nsIWebNavigation or by C++ setting
// document.location) don't get a funky principal. If callers want
// something interesting to happen with the about:blank principal in this
// case, they should pass an owner in.
// do this for URIs that inherit a security context and local file URIs;
// in particular we do NOT do this for about:blank. This way, random
// about:blank loads that have no owner (which basically means they were
// done by someone from chrome manually messing with our nsIWebNavigation
// or by C++ setting document.location) don't get a funky principal. If
// callers want something interesting to happen with the about:blank
// principal in this case, they should pass an owner in.
//
{
PRBool inherits;
// One more twist: Don't inherit the owner for external loads.
if (aLoadType != LOAD_NORMAL_EXTERNAL && !owner &&
(aFlags & INTERNAL_LOAD_FLAGS_INHERIT_OWNER) &&
NS_SUCCEEDED(URIInheritsSecurityContext(aURI, &inherits)) &&
inherits) {
((NS_SUCCEEDED(URIInheritsSecurityContext(aURI, &inherits)) &&
inherits) || URIIsLocalFile(aURI))) {
// Don't allow loads that would inherit our security context
// if this document came from an unsafe channel.