Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 424733. Be a little more careful with certificate principals. r+sr=sicking, a=dveditz

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@254712 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
bzbarsky%mit.edu 2008-10-21 20:25:48 +00:00
parent e2eb7495da
commit 2b38cfdbd1
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
mozilla/content/xbl/src/nsXBLBinding.cpp
View File

@ -1373,7 +1373,21 @@ nsXBLBinding::AllowScripts()
PRBool canExecute;
nsresult rv =
mgr->CanExecuteScripts(cx, ourDocument->NodePrincipal(), &canExecute);
return NS_SUCCEEDED(rv) && canExecute;
if (NS_FAILED(rv) || !canExecute) {
return PR_FALSE;
}
// Now one last check: make sure that we're not allowing a privilege
// escalations here.
PRBool haveCert;
doc->NodePrincipal()->GetHasCertificate(&haveCert);
if (!haveCert) {
return PR_TRUE;
}
PRBool subsumes;
rv = ourDocument->NodePrincipal()->Subsumes(doc->NodePrincipal(), &subsumes);
return NS_SUCCEEDED(rv) && subsumes;
}
void