diff options
| author | Moonchild <moonchild@palemoon.org> | 2021-11-04 20:30:30 +0000 |
|---|---|---|
| committer | Gaming4JC <g4jc@hyperbola.info> | 2022-05-08 16:44:28 -0400 |
| commit | dfbb1dc05d0146bb8f12eac0da776cd91c3cdba3 (patch) | |
| tree | 92ce1d8bbb4c5ba5d6957b00f7a7a47dad15309e | |
| parent | 34964f0ea6b83234e47396441ca3b8334dbf0daa (diff) | |
| download | iceweasel-uxp-dfbb1dc05d0146bb8f12eac0da776cd91c3cdba3.tar.gz | |
Prevent form popups from crossing the "line of death".
Without this, doorhangers could potentially be spoofed to overlap legitimate
permission popups like geolocation or plugin permissions.
Another reason doorhangers are evil!
| -rw-r--r-- | modules/FormValidationHandler.jsm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/FormValidationHandler.jsm b/modules/FormValidationHandler.jsm index e7e7b14..b88c282 100644 --- a/modules/FormValidationHandler.jsm +++ b/modules/FormValidationHandler.jsm @@ -124,7 +124,7 @@ var FormValidationHandler = let tabBrowser = aWindow.gBrowser; this._anchor = tabBrowser.popupAnchor; this._anchor.left = aPanelData.contentRect.left; - this._anchor.top = aPanelData.contentRect.top; + this._anchor.top = Math.max(0, aPanelData.contentRect.top); this._anchor.width = aPanelData.contentRect.width; this._anchor.height = aPanelData.contentRect.height; this._anchor.hidden = false; |