mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fix for 16858 w/o breaking directory browser. r=waterson a=beard

This commit is contained in:
mstoltz%netscape.com 2000-06-01 23:57:48 +00:00
Родитель ef111eb035
Коммит ab8668d6b4
4 изменённых файлов: 22 добавлений и 10 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

26
caps/src/nsScriptSecurityManager.cpp
Просмотреть файл

@ -522,23 +522,23 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI,
return NS_OK; return NS_OK;
} }
enum Action { AllowProtocol, DenyProtocol }; enum Action { AllowProtocol, DenyProtocol, LocalProtocol, PrefAccess };
struct { struct {
const char *name; const char *name;
Action action; Action action;
} protocolList[] = { } protocolList[] = {
{ "about", AllowProtocol }, { "about", AllowProtocol },
{ "data", AllowProtocol }, { "data", AllowProtocol },
{ "file", DenyProtocol }, { "file", PrefAccess },
{ "ftp", AllowProtocol }, { "ftp", AllowProtocol },
{ "http", AllowProtocol }, { "http", AllowProtocol },
{ "https", AllowProtocol }, { "https", AllowProtocol },
{ "keyword", DenyProtocol }, { "keyword", DenyProtocol },
{ "res", DenyProtocol }, { "res", DenyProtocol },
{ "resource", DenyProtocol }, { "resource", LocalProtocol },
{ "datetime", DenyProtocol }, { "datetime", DenyProtocol },
{ "finger", AllowProtocol }, { "finger", AllowProtocol },
{ "chrome", DenyProtocol }, { "chrome", LocalProtocol },
{ "javascript", AllowProtocol }, { "javascript", AllowProtocol },
{ "mailto", AllowProtocol }, { "mailto", AllowProtocol },
{ "imap", DenyProtocol }, { "imap", DenyProtocol },
@ -550,13 +550,31 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI,
for (unsigned i=0; i < sizeof(protocolList)/sizeof(protocolList[0]); i++) { for (unsigned i=0; i < sizeof(protocolList)/sizeof(protocolList[0]); i++) {
if (nsCRT::strcasecmp(scheme, protocolList[i].name) == 0) { if (nsCRT::strcasecmp(scheme, protocolList[i].name) == 0) {
PRBool doCheck = PR_FALSE;
switch (protocolList[i].action) { switch (protocolList[i].action) {
case AllowProtocol: case AllowProtocol:
// everyone can access these schemes. // everyone can access these schemes.
return NS_OK; return NS_OK;
case PrefAccess:
// Allow access if pref is set
NS_ASSERTION(mPrefs,"nsScriptSecurityManager::mPrefs not initialized");
mIsAccessingPrefs = PR_TRUE;
mPrefs->GetBoolPref("security.checkloaduri", &doCheck);
mIsAccessingPrefs = PR_FALSE;
if (!doCheck)
return NS_OK;
// Otherwise fall through to Deny.
case DenyProtocol: case DenyProtocol:
// Deny access // Deny access
return NS_ERROR_DOM_BAD_URI; return NS_ERROR_DOM_BAD_URI;
case LocalProtocol:
// Other local protocols can access these schemes
for (unsigned j=0; j < sizeof(protocolList)/sizeof(protocolList[0]); j++)
if (nsCRT::strcasecmp(fromScheme, protocolList[j].name) == 0)
if (protocolList[j].action == LocalProtocol)
return NS_OK;
else
return NS_ERROR_DOM_BAD_URI;
} }
} }
} }

2
content/html/style/src/nsCSSLoader.cpp
Просмотреть файл

@ -1283,7 +1283,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
return NS_ERROR_NOT_INITIALIZED; return NS_ERROR_NOT_INITIALIZED;
} }
#if 0
//-- Make sure this page is allowed to load this URL //-- Make sure this page is allowed to load this URL
nsresult rv; nsresult rv;
NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv); NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv);
@ -1294,7 +1293,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE);
NS_IF_RELEASE(docURI); NS_IF_RELEASE(docURI);
if (NS_FAILED(rv)) return NS_ERROR_FAILURE; if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
#endif
// XXX need to add code to cancel any pending sheets for element // XXX need to add code to cancel any pending sheets for element
nsresult result = NS_ERROR_NULL_POINTER; nsresult result = NS_ERROR_NULL_POINTER;

2
layout/html/style/src/nsCSSLoader.cpp
Просмотреть файл

@ -1283,7 +1283,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
return NS_ERROR_NOT_INITIALIZED; return NS_ERROR_NOT_INITIALIZED;
} }
#if 0
//-- Make sure this page is allowed to load this URL //-- Make sure this page is allowed to load this URL
nsresult rv; nsresult rv;
NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv); NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv);
@ -1294,7 +1293,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE);
NS_IF_RELEASE(docURI); NS_IF_RELEASE(docURI);
if (NS_FAILED(rv)) return NS_ERROR_FAILURE; if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
#endif
// XXX need to add code to cancel any pending sheets for element // XXX need to add code to cancel any pending sheets for element
nsresult result = NS_ERROR_NULL_POINTER; nsresult result = NS_ERROR_NULL_POINTER;

2
layout/style/nsCSSLoader.cpp
Просмотреть файл

@ -1283,7 +1283,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
return NS_ERROR_NOT_INITIALIZED; return NS_ERROR_NOT_INITIALIZED;
} }
#if 0
//-- Make sure this page is allowed to load this URL //-- Make sure this page is allowed to load this URL
nsresult rv; nsresult rv;
NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv); NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, NS_SCRIPTSECURITYMANAGER_PROGID, &rv);
@ -1294,7 +1293,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE); rv = secMan->CheckLoadURI(docURI, aURL, PR_FALSE);
NS_IF_RELEASE(docURI); NS_IF_RELEASE(docURI);
if (NS_FAILED(rv)) return NS_ERROR_FAILURE; if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
#endif
// XXX need to add code to cancel any pending sheets for element // XXX need to add code to cancel any pending sheets for element
nsresult result = NS_ERROR_NULL_POINTER; nsresult result = NS_ERROR_NULL_POINTER;