diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-22 20:38:02 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-22 20:38:02 +0200 |
commit | 95c46082414632687e3ddd52435d476ab9dc320f (patch) | |
tree | cc745a6ddad92f5cfe56470068108c2d9c81fefa /toolkit/modules | |
parent | a38e87d455f6ad3637deeae20d2ddc57430b498d (diff) | |
download | uxp-95c46082414632687e3ddd52435d476ab9dc320f.tar.gz |
Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell
Diffstat (limited to 'toolkit/modules')
-rw-r--r-- | toolkit/modules/addons/WebRequestContent.js | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/toolkit/modules/addons/WebRequestContent.js b/toolkit/modules/addons/WebRequestContent.js index 219675e5b9..f044a1cd4e 100644 --- a/toolkit/modules/addons/WebRequestContent.js +++ b/toolkit/modules/addons/WebRequestContent.js @@ -80,6 +80,16 @@ var ContentPolicy = { shouldLoad(policyType, contentLocation, requestOrigin, node, mimeTypeGuess, extra, requestPrincipal) { + + // Loads of TYPE_DOCUMENT and TYPE_SUBDOCUMENT perform a ConPol check + // within docshell as well as within the ContentSecurityManager. To avoid + // duplicate evaluations we ignore ConPol checks performed within docShell. + if (extra instanceof Ci.nsISupportsString) { + if (extra.data === "conPolCheckFromDocShell") { + return Ci.nsIContentPolicy.ACCEPT; + } + } + if (requestPrincipal && Services.scriptSecurityManager.isSystemPrincipal(requestPrincipal)) { return Ci.nsIContentPolicy.ACCEPT; |