summaryrefslogtreecommitdiff
path: root/caps
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-06-24 11:12:28 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-06-24 11:12:28 +0200
commit3f10db93673901b82b779b40d61b40637e451ca4 (patch)
tree3981963dfe434b6c2e46f89824e4680f315a4a23 /caps
parentf8cd46ae548129836ce411175a9b39a05376d85a (diff)
downloaduxp-3f10db93673901b82b779b40d61b40637e451ca4.tar.gz
Restrict web access to moz-icon:// scheme
This resolves #542
Diffstat (limited to 'caps')
-rw-r--r--caps/nsScriptSecurityManager.cpp19
1 files changed, 16 insertions, 3 deletions
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
index a219dcaed7..0277f771d7 100644
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -836,6 +836,16 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
// exception for foo: linking to view-source:foo for reftests...
return NS_OK;
}
+ else if ((!sourceScheme.EqualsIgnoreCase("http") &&
+ !sourceScheme.EqualsIgnoreCase("https")) &&
+ targetScheme.EqualsIgnoreCase("moz-icon"))
+ {
+ // Exception for linking to moz-icon://.ext?size=...
+ // Note that because targetScheme is the base (innermost) URI scheme,
+ // this does NOT allow e.g. file -> moz-icon:file:///... links.
+ // This is intentional.
+ return NS_OK;
+ }
// If we get here, check all the schemes can link to each other, from the top down:
nsCaseInsensitiveCStringComparator stringComparator;
@@ -976,9 +986,12 @@ nsScriptSecurityManager::CheckLoadURIFlags(nsIURI *aSourceURI,
if (hasFlags) {
if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) {
- // For now, don't change behavior for resource:// or moz-icon:// and
- // just allow them.
- if (!targetScheme.EqualsLiteral("chrome")) {
+ // For now, don't change behavior for resource:// and
+ // just allow it. This is required for extensions injecting
+ // extension-internal resource URLs in snippets in pages, e.g.
+ // Adding custom controls in-page.
+ if (!targetScheme.EqualsLiteral("chrome") &&
+ !targetScheme.EqualsLiteral("moz-icon")) {
return NS_OK;
}