diff options
author | Moonchild <git-repo@palemoon.org> | 2019-05-25 12:29:51 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-25 12:29:51 +0000 |
commit | 72260727093c92eaca78a3ea4d32bfafa49af8c3 (patch) | |
tree | ba5878e5f6cf7eaa6ee82d098e6757e4211a91ee | |
parent | e24e6346b70d3d212e9c9b7aa14f79f1d3ea86e8 (diff) | |
parent | ca9e6a4fa9d075bc9cce68b7fb44a7f1bcf3f8c7 (diff) | |
download | uxp-72260727093c92eaca78a3ea4d32bfafa49af8c3.tar.gz |
Merge pull request #1114 from g4jc/disable-meta-cookie
Disable <meta http-equiv=set-cookie>
30 files changed, 32 insertions, 17 deletions
diff --git a/dom/base/nsContentSink.cpp b/dom/base/nsContentSink.cpp index 85b3d07bf8..490f0ec17c 100644 --- a/dom/base/nsContentSink.cpp +++ b/dom/base/nsContentSink.cpp @@ -304,7 +304,8 @@ nsContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue, mDocument->SetHeaderData(aHeader, aValue); - if (aHeader == nsGkAtoms::setcookie) { + if (aHeader == nsGkAtoms::setcookie && + Preferences::GetBool("dom.meta-set-cookie.enabled", true)) { // Don't allow setting cookies in cookie-averse documents. if (mDocument->IsCookieAverse()) { return NS_OK; diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner.html index 1a37345975..a62e1b9e42 100644 --- a/extensions/cookie/test/file_domain_hierarchy_inner.html +++ b/extensions/cookie/test/file_domain_hierarchy_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_domain_hierarchy_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html index 3075b971a5..9b8f1a2f33 100644 --- a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html +++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2"> <script type="text/javascript"> document.cookie = "can2=has2"; diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^ new file mode 100644 index 0000000000..405494cd6e --- /dev/null +++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta2=tag2 diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html index e8d09338b3..d306efb1c0 100644 --- a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html +++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta3=tag3"> <script type="text/javascript"> document.cookie = "can3=has3"; diff --git a/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^ new file mode 100644 index 0000000000..add3336ec9 --- /dev/null +++ b/extensions/cookie/test/file_domain_hierarchy_inner_inner_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta3=tag3 diff --git a/extensions/cookie/test/file_domain_inner.html b/extensions/cookie/test/file_domain_inner.html index 1a05c45f80..9db41e9040 100644 --- a/extensions/cookie/test/file_domain_inner.html +++ b/extensions/cookie/test/file_domain_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_domain_inner.html^headers^ b/extensions/cookie/test/file_domain_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_domain_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_domain_inner_inner.html b/extensions/cookie/test/file_domain_inner_inner.html index 7bc0e44a98..5850e3fa0f 100644 --- a/extensions/cookie/test/file_domain_inner_inner.html +++ b/extensions/cookie/test/file_domain_inner_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2"> <script type="text/javascript"> document.cookie = "can2=has2"; diff --git a/extensions/cookie/test/file_domain_inner_inner.html^headers^ b/extensions/cookie/test/file_domain_inner_inner.html^headers^ new file mode 100644 index 0000000000..405494cd6e --- /dev/null +++ b/extensions/cookie/test/file_domain_inner_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta2=tag2 diff --git a/extensions/cookie/test/file_image_inner.html b/extensions/cookie/test/file_image_inner.html index aada82d71a..902a055e4c 100644 --- a/extensions/cookie/test/file_image_inner.html +++ b/extensions/cookie/test/file_image_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_image_inner.html^headers^ b/extensions/cookie/test/file_image_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_image_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_image_inner_inner.html b/extensions/cookie/test/file_image_inner_inner.html index 1989b53de7..d24ae0d27b 100644 --- a/extensions/cookie/test/file_image_inner_inner.html +++ b/extensions/cookie/test/file_image_inner_inner.html @@ -3,7 +3,6 @@ <head> <link rel="stylesheet" type="text/css" media="all" href="http://example.org/tests/extensions/cookie/test/test1.css" /> <link rel="stylesheet" type="text/css" media="all" href="http://example.com/tests/extensions/cookie/test/test2.css" /> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta2=tag2"> <script type="text/javascript"> function runTest() { document.cookie = "can2=has2"; diff --git a/extensions/cookie/test/file_image_inner_inner.html^headers^ b/extensions/cookie/test/file_image_inner_inner.html^headers^ new file mode 100644 index 0000000000..405494cd6e --- /dev/null +++ b/extensions/cookie/test/file_image_inner_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta2=tag2 diff --git a/extensions/cookie/test/file_loadflags_inner.html b/extensions/cookie/test/file_loadflags_inner.html index 5a7a6ccc13..fbea01cfd3 100644 --- a/extensions/cookie/test/file_loadflags_inner.html +++ b/extensions/cookie/test/file_loadflags_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> function runTest() { document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_loadflags_inner.html^headers^ b/extensions/cookie/test/file_loadflags_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_loadflags_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_localhost_inner.html b/extensions/cookie/test/file_localhost_inner.html index db9917f000..82641d71c0 100644 --- a/extensions/cookie/test/file_localhost_inner.html +++ b/extensions/cookie/test/file_localhost_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_localhost_inner.html^headers^ b/extensions/cookie/test/file_localhost_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_localhost_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_loopback_inner.html b/extensions/cookie/test/file_loopback_inner.html index e6c115c50b..9af1a65688 100644 --- a/extensions/cookie/test/file_loopback_inner.html +++ b/extensions/cookie/test/file_loopback_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_loopback_inner.html^headers^ b/extensions/cookie/test/file_loopback_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_loopback_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/file_subdomain_inner.html b/extensions/cookie/test/file_subdomain_inner.html index 5f608b8110..0aab0d8525 100644 --- a/extensions/cookie/test/file_subdomain_inner.html +++ b/extensions/cookie/test/file_subdomain_inner.html @@ -1,7 +1,6 @@ <!DOCTYPE HTML> <html> <head> - <META HTTP-EQUIV="Set-Cookie" CONTENT="meta=tag"> <script type="text/javascript"> document.cookie = "can=has"; diff --git a/extensions/cookie/test/file_subdomain_inner.html^headers^ b/extensions/cookie/test/file_subdomain_inner.html^headers^ new file mode 100644 index 0000000000..993cedb908 --- /dev/null +++ b/extensions/cookie/test/file_subdomain_inner.html^headers^ @@ -0,0 +1 @@ +Set-Cookie: meta=tag diff --git a/extensions/cookie/test/mochitest.ini b/extensions/cookie/test/mochitest.ini index 673fad7b8d..66c7038e9f 100644 --- a/extensions/cookie/test/mochitest.ini +++ b/extensions/cookie/test/mochitest.ini @@ -6,16 +6,27 @@ support-files = damonbowling.jpg^headers^ file_chromecommon.js file_domain_hierarchy_inner.html + file_domain_hierarchy_inner.html^headers^ file_domain_hierarchy_inner_inner.html + file_domain_hierarchy_inner_inner.html^headers^ file_domain_hierarchy_inner_inner_inner.html + file_domain_hierarchy_inner_inner_inner.html^headers^ file_domain_inner.html + file_domain_inner.html^headers^ file_domain_inner_inner.html + file_domain_inner_inner.html^headers^ file_image_inner.html + file_image_inner.html^headers^ file_image_inner_inner.html + file_image_inner_inner.html^headers^ file_loadflags_inner.html + file_loadflags_inner.html^headers^ file_localhost_inner.html + file_localhost_inner.html^headers^ file_loopback_inner.html + file_loopback_inner.html^headers^ file_subdomain_inner.html + file_subdomain_inner.html^headers^ file_testcommon.js file_testloadflags.js file_testloadflags_chromescript.js diff --git a/extensions/cookie/test/test_same_base_domain.html b/extensions/cookie/test/test_same_base_domain.html index 9232b4e09b..acf020eb8e 100644 --- a/extensions/cookie/test/test_same_base_domain.html +++ b/extensions/cookie/test/test_same_base_domain.html @@ -5,7 +5,7 @@ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)"> +<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)"> <p id="display"></p> <pre id="test"> <script class="testbody" type="text/javascript" src="file_testcommon.js"> diff --git a/extensions/cookie/test/test_same_base_domain_2.html b/extensions/cookie/test/test_same_base_domain_2.html index d692524c5b..44e4008581 100644 --- a/extensions/cookie/test/test_same_base_domain_2.html +++ b/extensions/cookie/test/test_same_base_domain_2.html @@ -5,7 +5,7 @@ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)"> +<body onload="setupTest('http://test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)"> <p id="display"></p> <pre id="test"> <script class="testbody" type="text/javascript" src="file_testcommon.js"> diff --git a/extensions/cookie/test/test_same_base_domain_3.html b/extensions/cookie/test/test_same_base_domain_3.html index f0cd687f91..dfdbabde01 100644 --- a/extensions/cookie/test/test_same_base_domain_3.html +++ b/extensions/cookie/test/test_same_base_domain_3.html @@ -5,7 +5,7 @@ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)"> +<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)"> <p id="display"></p> <pre id="test"> <script class="testbody" type="text/javascript" src="file_testcommon.js"> diff --git a/extensions/cookie/test/test_same_base_domain_5.html b/extensions/cookie/test/test_same_base_domain_5.html index 49b2379b62..b603158c14 100644 --- a/extensions/cookie/test/test_same_base_domain_5.html +++ b/extensions/cookie/test/test_same_base_domain_5.html @@ -5,7 +5,7 @@ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 5, 2)"> +<body onload="setupTest('http://sub1.test1.example.org/tests/extensions/cookie/test/file_subdomain_inner.html', 4, 2)"> <p id="display"></p> <pre id="test"> <script class="testbody" type="text/javascript" src="file_testcommon.js"> diff --git a/extensions/cookie/test/test_samedomain.html b/extensions/cookie/test/test_samedomain.html index 9051d3b396..e8f623828b 100644 --- a/extensions/cookie/test/test_samedomain.html +++ b/extensions/cookie/test/test_samedomain.html @@ -5,7 +5,7 @@ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 5, 2)"> +<body onload="setupTest('http://example.org/tests/extensions/cookie/test/file_domain_inner.html', 4, 2)"> <p id="display"></p> <pre id="test"> <script class="testbody" type="text/javascript" src="file_testcommon.js"> diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 123436ebdf..ee435d66a1 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -5199,6 +5199,9 @@ pref("intl.allow-insecure-text-input", false); // Enable meta-viewport support in remote APZ-enabled frames. pref("dom.meta-viewport.enabled", false); +// Disable <meta http-equiv=set-cookie> support. See m-c bug 1457503 / UXP #1102. +pref("dom.meta-set-cookie.enabled", false); + // MozSettings debugging prefs for each component pref("dom.mozSettings.SettingsDB.debug.enabled", false); pref("dom.mozSettings.SettingsManager.debug.enabled", false); |