summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMoonchild <git-repo@palemoon.org>2019-05-25 12:29:51 +0000
committerGitHub <noreply@github.com>2019-05-25 12:29:51 +0000
commit72260727093c92eaca78a3ea4d32bfafa49af8c3 (patch)
treeba5878e5f6cf7eaa6ee82d098e6757e4211a91ee
parente24e6346b70d3d212e9c9b7aa14f79f1d3ea86e8 (diff)
parentca9e6a4fa9d075bc9cce68b7fb44a7f1bcf3f8c7 (diff)
downloaduxp-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar.gz
Merge pull request #1114 from g4jc/disable-meta-cookie
Disable <meta http-equiv=set-cookie>
-rw-r--r--dom/base/nsContentSink.cpp3
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_domain_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_domain_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_image_inner.html1
-rw-r--r--extensions/cookie/test/file_image_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_image_inner_inner.html1
-rw-r--r--extensions/cookie/test/file_image_inner_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_loadflags_inner.html1
-rw-r--r--extensions/cookie/test/file_loadflags_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_localhost_inner.html1
-rw-r--r--extensions/cookie/test/file_localhost_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_loopback_inner.html1
-rw-r--r--extensions/cookie/test/file_loopback_inner.html^headers^1
-rw-r--r--extensions/cookie/test/file_subdomain_inner.html1
-rw-r--r--extensions/cookie/test/file_subdomain_inner.html^headers^1
-rw-r--r--extensions/cookie/test/mochitest.ini11
-rw-r--r--extensions/cookie/test/test_same_base_domain.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_2.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_3.html2
-rw-r--r--extensions/cookie/test/test_same_base_domain_5.html2
-rw-r--r--extensions/cookie/test/test_samedomain.html2
-rw-r--r--modules/libpref/init/all.js3
30 files changed, 32 insertions, 17 deletions
diff --git a/dom/base/nsContentSink.cpp b/dom/base/nsContentSink.cpp
index 85b3d07bf8..490f0ec17c 100644
--- a/dom/base/nsContentSink.cpp
+++ b/dom/base/nsContentSink.cpp
@@ -304,7 +304,8 @@ nsContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue,
mDocument->SetHeaderData(aHeader, aValue);
- if (aHeader == nsGkAtoms::setcookie) {
+ if (aHeader == nsGkAtoms::setcookie &&
+ Preferences::GetBool("dom.meta-set-cookie.enabled", true)) {
// Don't allow setting cookies in cookie-averse documents.
if (mDocument->IsCookieAverse()) {
return NS_OK;
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner.html
index 1a37345975..a62e1b9e42 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
index 3075b971a5..9b8f1a2f33 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^
new file mode 100644
index 0000000000..405494cd6e
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
index e8d09338b3..d306efb1c0 100644
--- a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta3=tag3">
<script type="text/javascript">
document.cookie = "can3=has3";
diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^
new file mode 100644
index 0000000000..add3336ec9
--- /dev/null
+++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta3=tag3
diff --git a/extensions/cookie/test/file_domain_inner.html b/extensions/cookie/test/file_domain_inner.html
index 1a05c45f80..9db41e9040 100644
--- a/extensions/cookie/test/file_domain_inner.html
+++ b/extensions/cookie/test/file_domain_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_domain_inner.html^headers^ b/extensions/cookie/test/file_domain_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_domain_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_domain_inner_inner.html b/extensions/cookie/test/file_domain_inner_inner.html
index 7bc0e44a98..5850e3fa0f 100644
--- a/extensions/cookie/test/file_domain_inner_inner.html
+++ b/extensions/cookie/test/file_domain_inner_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_domain_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_inner_inner.html^headers^
new file mode 100644
index 0000000000..405494cd6e
--- /dev/null
+++ b/extensions/cookie/test/file_domain_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_image_inner.html b/extensions/cookie/test/file_image_inner.html
index aada82d71a..902a055e4c 100644
--- a/extensions/cookie/test/file_image_inner.html
+++ b/extensions/cookie/test/file_image_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_image_inner.html^headers^ b/extensions/cookie/test/file_image_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_image_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_image_inner_inner.html b/extensions/cookie/test/file_image_inner_inner.html
index 1989b53de7..d24ae0d27b 100644
--- a/extensions/cookie/test/file_image_inner_inner.html
+++ b/extensions/cookie/test/file_image_inner_inner.html
@@ -3,7 +3,6 @@
<head>
<link rel="stylesheet" type="text/css" media="all" href="http://example.org/tests/extensions/cookie/test/test1.css" />
<link rel="stylesheet" type="text/css" media="all" href="http://example.com/tests/extensions/cookie/test/test2.css" />
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2">
<script type="text/javascript">
function runTest() {
document.cookie = "can2=has2";
diff --git a/extensions/cookie/test/file_image_inner_inner.html^headers^ b/extensions/cookie/test/file_image_inner_inner.html^headers^
new file mode 100644
index 0000000000..405494cd6e
--- /dev/null
+++ b/extensions/cookie/test/file_image_inner_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta2=tag2
diff --git a/extensions/cookie/test/file_loadflags_inner.html b/extensions/cookie/test/file_loadflags_inner.html
index 5a7a6ccc13..fbea01cfd3 100644
--- a/extensions/cookie/test/file_loadflags_inner.html
+++ b/extensions/cookie/test/file_loadflags_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
function runTest() {
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_loadflags_inner.html^headers^ b/extensions/cookie/test/file_loadflags_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_loadflags_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_localhost_inner.html b/extensions/cookie/test/file_localhost_inner.html
index db9917f000..82641d71c0 100644
--- a/extensions/cookie/test/file_localhost_inner.html
+++ b/extensions/cookie/test/file_localhost_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_localhost_inner.html^headers^ b/extensions/cookie/test/file_localhost_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_localhost_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_loopback_inner.html b/extensions/cookie/test/file_loopback_inner.html
index e6c115c50b..9af1a65688 100644
--- a/extensions/cookie/test/file_loopback_inner.html
+++ b/extensions/cookie/test/file_loopback_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_loopback_inner.html^headers^ b/extensions/cookie/test/file_loopback_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_loopback_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/file_subdomain_inner.html b/extensions/cookie/test/file_subdomain_inner.html
index 5f608b8110..0aab0d8525 100644
--- a/extensions/cookie/test/file_subdomain_inner.html
+++ b/extensions/cookie/test/file_subdomain_inner.html
@@ -1,7 +1,6 @@
<!DOCTYPE HTML>
<html>
<head>
- <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag">
<script type="text/javascript">
document.cookie = "can=has";
diff --git a/extensions/cookie/test/file_subdomain_inner.html^headers^ b/extensions/cookie/test/file_subdomain_inner.html^headers^
new file mode 100644
index 0000000000..993cedb908
--- /dev/null
+++ b/extensions/cookie/test/file_subdomain_inner.html^headers^
@@ -0,0 +1 @@
+Set-Cookie: meta=tag
diff --git a/extensions/cookie/test/mochitest.ini b/extensions/cookie/test/mochitest.ini
index 673fad7b8d..66c7038e9f 100644
--- a/extensions/cookie/test/mochitest.ini
+++ b/extensions/cookie/test/mochitest.ini
@@ -6,16 +6,27 @@ support-files =
damonbowling.jpg^headers^
file_chromecommon.js
file_domain_hierarchy_inner.html
+ file_domain_hierarchy_inner.html^headers^
file_domain_hierarchy_inner_inner.html
+ file_domain_hierarchy_inner_inner.html^headers^
file_domain_hierarchy_inner_inner_inner.html
+ file_domain_hierarchy_inner_inner_inner.html^headers^
file_domain_inner.html
+ file_domain_inner.html^headers^
file_domain_inner_inner.html
+ file_domain_inner_inner.html^headers^
file_image_inner.html
+ file_image_inner.html^headers^
file_image_inner_inner.html
+ file_image_inner_inner.html^headers^
file_loadflags_inner.html
+ file_loadflags_inner.html^headers^
file_localhost_inner.html
+ file_localhost_inner.html^headers^
file_loopback_inner.html
+ file_loopback_inner.html^headers^
file_subdomain_inner.html
+ file_subdomain_inner.html^headers^
file_testcommon.js
file_testloadflags.js
file_testloadflags_chromescript.js
diff --git a/extensions/cookie/test/test_same_base_domain.html b/extensions/cookie/test/test_same_base_domain.html
index 9232b4e09b..acf020eb8e 100644
--- a/extensions/cookie/test/test_same_base_domain.html
+++ b/extensions/cookie/test/test_same_base_domain.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)">
+<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_2.html b/extensions/cookie/test/test_same_base_domain_2.html
index d692524c5b..44e4008581 100644
--- a/extensions/cookie/test/test_same_base_domain_2.html
+++ b/extensions/cookie/test/test_same_base_domain_2.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_3.html b/extensions/cookie/test/test_same_base_domain_3.html
index f0cd687f91..dfdbabde01 100644
--- a/extensions/cookie/test/test_same_base_domain_3.html
+++ b/extensions/cookie/test/test_same_base_domain_3.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_same_base_domain_5.html b/extensions/cookie/test/test_same_base_domain_5.html
index 49b2379b62..b603158c14 100644
--- a/extensions/cookie/test/test_same_base_domain_5.html
+++ b/extensions/cookie/test/test_same_base_domain_5.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)">
+<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/extensions/cookie/test/test_samedomain.html b/extensions/cookie/test/test_samedomain.html
index 9051d3b396..e8f623828b 100644
--- a/extensions/cookie/test/test_samedomain.html
+++ b/extensions/cookie/test/test_samedomain.html
@@ -5,7 +5,7 @@
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
-<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)">
+<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)">
<p id="display"></p>
<pre id="test">
<script class="testbody" type="text/javascript" src="file_testcommon.js">
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 123436ebdf..ee435d66a1 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5199,6 +5199,9 @@ pref("intl.allow-insecure-text-input", false);
// Enable meta-viewport support in remote APZ-enabled frames.
pref("dom.meta-viewport.enabled", false);
+// Disable <meta http-equiv=set-cookie> support. See m-c bug 1457503 / UXP #1102.
+pref("dom.meta-set-cookie.enabled", false);
+
// MozSettings debugging prefs for each component
pref("dom.mozSettings.SettingsDB.debug.enabled", false);
pref("dom.mozSettings.SettingsManager.debug.enabled", false);