From 4e4eab18f2db1a052d8cbb176c5653e0baae2462 Mon Sep 17 00:00:00 2001
From: "mozilla.mano%sent.com"
Date: Mon, 5 Feb 2007 20:38:52 +0000
Subject: [PATCH] Copy the security checks for history items to placescontroller/utils, r=sspitzer (patch on bug 362292).
git-svn-id: svn://10.0.0.236/trunk@219522 18797224-902f-48f8-a5cc-f745e15eee43
---
 .../components/places/content/controller.js | 4 +--
 .../components/places/content/utils.js | 30 ++++++++++++++++++-
 .../chrome/browser/places/places.properties | 2 ++
 3 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/mozilla/browser/components/places/content/controller.js b/mozilla/browser/components/places/content/controller.js
index 2029e6c443b..b2c0a45b373 100755
--- a/mozilla/browser/components/places/content/controller.js
+++ b/mozilla/browser/components/places/content/controller.js
@@ -915,7 +915,7 @@ PlacesController.prototype = {
 */
 openSelectedNodeWithEvent: function PC_openSelectedNodeWithEvent(aEvent) {
 var node = this._view.selectedURINode;
- if (node)
+ if (node && PlacesUtils.checkURLSecurity(node))
 openUILink(node.uri, aEvent);
 },
@@ -925,7 +925,7 @@ PlacesController.prototype = {
 */
 openSelectedNodeIn: function PC_openSelectedNodeIn(aWhere) {
 var node = this._view.selectedURINode;
- if (node)
+ if (node && PlacesUtils.checkURLSecurity(node))
 openUILinkIn(node.uri, aWhere);
 },
diff --git a/mozilla/browser/components/places/content/utils.js b/mozilla/browser/components/places/content/utils.js
index 099d1bb2a00..be8c9bcc0a1 100644
--- a/mozilla/browser/components/places/content/utils.js
+++ b/mozilla/browser/components/places/content/utils.js
@@ -162,7 +162,7 @@ var PlacesUtils = {
 }
 return this.__bundle;
 },
-
+
 getFormattedString: function PU_getFormattedString(key, params) {
 return this._bundle.formatStringFromName(key, params, params.length);
 },
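Review bot: In controller.js the new `PlacesUtils.checkURLSecurity(node)` guard is attached to two individual callers, `openSelectedNodeWithEvent` (hunk at -915) and `openSelectedNodeIn` (hunk at -925), rather than to one point that every open passes through. Any other path in the controller that hands `node.uri` to a loader would skip the javascript:/data: check; none is visible in these hunks, so this needs confirming against the rest of the file. The helper also shows a modal alert as a side effect, which its predicate-style use inside an `if` condition does not suggest. A comment at each call such as `// checkURLSecurity alerts the user and returns false for non-bookmarked javascript:/data: nodes` would make the silent no-op branch clear. The doc comment above each method starts outside its hunk.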
@@ -698,5 +698,33 @@ var PlacesUtils = {
 }
 return null;
+ },
+
+ /**
+ * Allows opening of javascript/data URI only if the given node is
+ * bookmarked (see bug 224521).
+ * @param aURINode
+ * a URI node
+ * @return true if it's safe to open the node in the browser, false otherwise.
+ *
+ */
+ checkURLSecurity: function PU_checkURLSecurity(aURINode) {
+ if (!this.nodeIsBookmark(aURINode)) {
+ var uri = this._uri(aURINode.uri);
+ if (uri.schemeIs("javascript") || uri.schemeIs("data")) {
+ const BRANDING_BUNDLE_URI = "chrome://branding/locale/brand.properties";
+ var brandShortName = Cc["@mozilla.org/intl/stringbundle;1"].
+ getService(Ci.nsIStringBundleService).
+ createBundle(BRANDING_BUNDLE_URI).
+ GetStringFromName("brandShortName");
+ var promptService = Cc["@mozilla.org/embedcomp/prompt-service;1"].
+ getService(Ci.nsIPromptService);
+
+ var errorStr = this.getString("load-js-data-url-error");
+ promptService.alert(window, brandStr, errorStr);
+ return false;
+ }
+ }
+ return true;
 }
 };
diff --git a/mozilla/browser/locales/en-US/chrome/browser/places/places.properties b/mozilla/browser/locales/en-US/chrome/browser/places/places.properties
index 36eee3766dd..8882868e2ac 100644
--- a/mozilla/browser/locales/en-US/chrome/browser/places/places.properties
+++ b/mozilla/browser/locales/en-US/chrome/browser/places/places.properties
@@ -74,3 +74,5 @@ tabs.openButtonMultiple=Open tabs
 tabs.openWarningPromptMeBranded=Warn me when opening multiple tabs might slow down %S
 status_foldercount = %S object(s)
+
+load-js-data-url-error=For security reasons, javascript or data urls cannot be loaded from the history window or sidebar.
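Review bot: In the new `checkURLSecurity` in utils.js, the alert call passes `brandStr`, but the only name declared in the hunk is `brandShortName`. Unless `brandStr` is defined elsewhere in scope, the blocked branch throws a ReferenceError instead of showing the prompt and returning false. The throw still keeps the two controller callers from reaching `openUILink`/`openUILinkIn`, but the user gets no explanation and the documented boolean contract is not met; the line should read `promptService.alert(window, brandShortName, errorStr);`. The scheme test is a two-entry denylist, so a short comment such as `// only javascript: and data: are refused for non-bookmarked nodes (bug 224521)` would help whoever extends it. The enclosing `PlacesUtils` object starts outside the hunk.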