Bug 1329186 - (1) Use asyncOpen2() and (2) change nsILoadInfo.SEC_NORMAL to SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL when using a SystemPrincipal r=IanN a=IanN
This commit is contained in:
Philip Chee
Родитель
05a8e17196
Коммит
c6f5a04813
|
|
@ -103,9 +103,9 @@ function registerPlayPreview(mimeType, targetUrl) {
|
|||
var channel = ios.newChannel2(targetUrl, null, null, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
channel.asyncOpen(this.listener, aContext);
|
||||
channel.asyncOpen2(this.listener);
|
||||
},
|
||||
|
||||
// nsIRequestObserver::onStopRequest
|
||||
|
|
|
|||
|
|
@ -1091,7 +1091,7 @@ nsContextMenu.prototype = {
|
|||
var channel = ios.newChannel2(linkURL, null, null, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
channel.notificationCallbacks = new Callbacks();
|
||||
|
||||
|
|
@ -1119,7 +1119,7 @@ nsContextMenu.prototype = {
|
|||
var timer = setTimeout(timerCallback, timeToWait);
|
||||
|
||||
// kick off the channel with our proxy object as the listener
|
||||
channel.asyncOpen(new SaveAsListener(), null);
|
||||
channel.asyncOpen2(new SaveAsListener());
|
||||
},
|
||||
|
||||
// Save URL of clicked-on image, video, or audio.
|
||||
|
|
|
|||
|
|
@ -838,7 +838,7 @@ function check_for_missing_panels() {
|
|||
var channel = ios.newChannel2(prereq_file, null, null, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
try {
|
||||
channel.open();
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ About.prototype = {
|
|||
Services.io.newChannelFromURI2(newURI, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
channel.originalURI = aURI;
|
||||
if (this[module + "Flags"] & UNTRUSTED)
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ GopherProtocol.prototype = {
|
|||
ios.newChannelFromURI2(newURI, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
chan.originalURI = inputURI;
|
||||
chan.owner = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
|
||||
|
|
|
|||
|
|
@ -264,7 +264,7 @@ FeedConverter.prototype = {
|
|||
chromeChannel = Services.io.newChannelFromURIWithLoadInfo(result.uri, loadInfo);
|
||||
|
||||
chromeChannel.loadGroup = this._request.loadGroup;
|
||||
chromeChannel.asyncOpen(this._listener, null);
|
||||
chromeChannel.asyncOpen2(this._listener);
|
||||
}
|
||||
finally {
|
||||
this._releaseHandles();
|
||||
|
|
@ -534,7 +534,7 @@ GenericProtocolHandler.prototype = {
|
|||
ios.newChannelFromURI2(uri, null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
if (channel instanceof Components.interfaces.nsIHttpChannel)
|
||||
// Set this so we know this is supposed to be a feed
|
||||
|
|
|
|||
|
|
@ -512,8 +512,8 @@ FeedWriter.prototype = {
|
|||
if (enc.hasKey("length") && /^[0-9]+$/.test(enc.get("length"))) {
|
||||
let enc_size = convertByteUnits(parseInt(enc.get("length")));
|
||||
|
||||
let size_text = this._getFormattedString("enclosureSizeText",
|
||||
[enc_size[0], this._getString(enc_size[1])]);
|
||||
size_text = this._getFormattedString("enclosureSizeText",
|
||||
[enc_size[0], this._getString(enc_size[1])]);
|
||||
}
|
||||
|
||||
let iconimg = this._document.createElementNS(HTML_NS, "img");
|
||||
|
|
@ -974,11 +974,13 @@ FeedWriter.prototype = {
|
|||
.getInterface(Components.interfaces.nsIWebNavigation)
|
||||
.QueryInterface(Components.interfaces.nsIDocShell)
|
||||
.currentDocumentChannel;
|
||||
// The following channel is never openend, so it does not matter what
|
||||
// securityFlags we pass; let's follow the principle of least privilege.
|
||||
var ios = Services.io;
|
||||
var channel = ios.newChannel2(FEEDHANDLER_URI, null, null, null,
|
||||
this._feedprincipal,
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_OTHER);
|
||||
var resolvedURI = channel.URI;
|
||||
|
||||
|
|
|
|||
|
|
@ -709,7 +709,7 @@ function storePhoto(aUri) {
|
|||
null,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null,
|
||||
Components.interfaces.nsILoadInfo.SEC_NORMAL,
|
||||
Components.interfaces.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
Components.interfaces.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
|
||||
|
||||
var istream = channel.open();
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче