Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201

git-svn-id: svn://10.0.0.236/trunk@143053 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/caps/src/nsScriptSecurityManager.cpp

@@ -1216,6 +1216,13 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
         return NS_OK;
     }
 
+    //-- Some callers do not allow loading javascript: or data: URLs
+    if ((aFlags & nsIScriptSecurityManager::DISALLOW_JAVASCRIPT) &&
+        (targetScheme.Equals("javascript") || targetScheme.Equals("data")))
+    {
+       return NS_ERROR_DOM_BAD_URI;
+    }
+
     //-- If the schemes don't match, the policy is specified in this table.
     enum Action { AllowProtocol, DenyProtocol, PrefControlled, ChromeProtocol};
     static const struct