summaryrefslogtreecommitdiff
path: root/toolkit/modules
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 20:38:02 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-22 20:38:02 +0200
commit95c46082414632687e3ddd52435d476ab9dc320f (patch)
treecc745a6ddad92f5cfe56470068108c2d9c81fefa /toolkit/modules
parenta38e87d455f6ad3637deeae20d2ddc57430b498d (diff)
downloaduxp-95c46082414632687e3ddd52435d476ab9dc320f.tar.gz
Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell
Diffstat (limited to 'toolkit/modules')
-rw-r--r--toolkit/modules/addons/WebRequestContent.js10
1 files changed, 10 insertions, 0 deletions
diff --git a/toolkit/modules/addons/WebRequestContent.js b/toolkit/modules/addons/WebRequestContent.js
index 219675e5b9..f044a1cd4e 100644
--- a/toolkit/modules/addons/WebRequestContent.js
+++ b/toolkit/modules/addons/WebRequestContent.js
@@ -80,6 +80,16 @@ var ContentPolicy = {
shouldLoad(policyType, contentLocation, requestOrigin,
node, mimeTypeGuess, extra, requestPrincipal) {
+
+ // Loads of TYPE_DOCUMENT and TYPE_SUBDOCUMENT perform a ConPol check
+ // within docshell as well as within the ContentSecurityManager. To avoid
+ // duplicate evaluations we ignore ConPol checks performed within docShell.
+ if (extra instanceof Ci.nsISupportsString) {
+ if (extra.data === "conPolCheckFromDocShell") {
+ return Ci.nsIContentPolicy.ACCEPT;
+ }
+ }
+
if (requestPrincipal &&
Services.scriptSecurityManager.isSystemPrincipal(requestPrincipal)) {
return Ci.nsIContentPolicy.ACCEPT;