зеркало из https://github.com/mozilla/pjs.git
Fixing bug 209717. Making document.load() use the caller's URI as the base URI. r=caillon@aillon.org, sr=hjtoi-bugzilla@comcast.net
This commit is contained in:
jst%netscape.com
Родитель
9b590c4f17
Коммит
ff20a7b3e0
|
|
@ -259,6 +259,8 @@ nsXMLDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
|||
|
||||
mBaseTarget.Truncate();
|
||||
|
||||
mScriptContext = nsnull;
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
|
@ -404,54 +406,91 @@ nsXMLDocument::Load(const nsAString& aUrl, PRBool *aReturn)
|
|||
nsCOMPtr<nsIURI> uri;
|
||||
nsresult rv;
|
||||
|
||||
// Create a new URI
|
||||
rv = NS_NewURI(getter_AddRefs(uri), aUrl, nsnull, mDocumentURL);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
// Get security manager, check to see if we're allowed to load this URI
|
||||
nsCOMPtr<nsIScriptSecurityManager> secMan =
|
||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
rv = secMan->CheckConnect(nsnull, uri, "XMLDocument", "load");
|
||||
if (NS_FAILED(rv)) {
|
||||
// We need to return success here so that JS will get a proper exception
|
||||
// thrown later. Native calls should always result in CheckConnect() succeeding,
|
||||
// but in case JS calls C++ which calls this code the exception might be lost.
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Partial Reset, need to restore principal for security reasons and
|
||||
// event listener manager so that load listeners etc. will remain.
|
||||
// event listener manager so that load listeners etc. will
|
||||
// remain. This should be done before the security check is done to
|
||||
// ensure that the document is reset even if the new document can't
|
||||
// be loaded.
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal(mPrincipal);
|
||||
nsCOMPtr<nsIEventListenerManager> elm(mListenerManager);
|
||||
|
||||
Reset(nsnull, nsnull);
|
||||
|
||||
|
||||
mPrincipal = principal;
|
||||
mListenerManager = elm;
|
||||
|
||||
SetDocumentURL(uri);
|
||||
SetBaseURL(uri);
|
||||
|
||||
// Store script context, if any, in case we encounter redirect
|
||||
// (because we need it there)
|
||||
nsCOMPtr<nsIScriptContext> callingContext;
|
||||
|
||||
nsCOMPtr<nsIJSContextStack> stack =
|
||||
do_GetService("@mozilla.org/js/xpc/ContextStack;1");
|
||||
if (stack) {
|
||||
JSContext *cx;
|
||||
if (NS_SUCCEEDED(stack->Peek(&cx)) && cx) {
|
||||
nsContentUtils::GetDynamicScriptContext(cx,
|
||||
getter_AddRefs(mScriptContext));
|
||||
getter_AddRefs(callingContext));
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> baseURI(mDocumentURL);
|
||||
nsCAutoString charset;
|
||||
|
||||
if (callingContext) {
|
||||
nsCOMPtr<nsIScriptGlobalObject> sgo;
|
||||
callingContext->GetGlobalObject(getter_AddRefs(sgo));
|
||||
|
||||
nsCOMPtr<nsIDOMWindow> window(do_QueryInterface(sgo));
|
||||
|
||||
if (window) {
|
||||
nsCOMPtr<nsIDOMDocument> dom_doc;
|
||||
window->GetDocument(getter_AddRefs(dom_doc));
|
||||
nsCOMPtr<nsIDocument> doc(do_QueryInterface(dom_doc));
|
||||
|
||||
if (doc) {
|
||||
doc->GetBaseURL(getter_AddRefs(baseURI));
|
||||
doc->GetDocumentCharacterSet(charset);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Create a new URI
|
||||
rv = NS_NewURI(getter_AddRefs(uri), aUrl, charset.get(), baseURI);
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
// Get security manager, check to see if we're allowed to load this URI
|
||||
nsCOMPtr<nsIScriptSecurityManager> secMan =
|
||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
rv = secMan->CheckConnect(nsnull, uri, "XMLDocument", "load");
|
||||
if (NS_FAILED(rv)) {
|
||||
// We need to return success here so that JS will get a proper
|
||||
// exception thrown later. Native calls should always result in
|
||||
// CheckConnect() succeeding, but in case JS calls C++ which calls
|
||||
// this code the exception might be lost.
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
SetDocumentURL(uri);
|
||||
SetBaseURL(uri);
|
||||
|
||||
// Store script context, if any, in case we encounter redirect
|
||||
// (because we need it there)
|
||||
|
||||
mScriptContext = callingContext;
|
||||
|
||||
// Find out if UniversalBrowserRead privileges are enabled - we will
|
||||
// need this in case of a redirect
|
||||
PRBool crossSiteAccessEnabled;
|
||||
rv = secMan->IsCapabilityEnabled("UniversalBrowserRead",
|
||||
&crossSiteAccessEnabled);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
mCrossSiteAccessEnabled = crossSiteAccessEnabled;
|
||||
|
||||
|
|
@ -466,7 +505,9 @@ nsXMLDocument::Load(const nsAString& aUrl, PRBool *aReturn)
|
|||
// which in turn keeps STOP button from becoming active
|
||||
rv = NS_NewChannel(getter_AddRefs(channel), uri, nsnull, loadGroup, this,
|
||||
nsIRequest::LOAD_BACKGROUND);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
// Set a principal for this document
|
||||
nsCOMPtr<nsISupports> channelOwner;
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче