Bug 329468: check url before showing frame, patch by Martijn Wargers <martijn.martijn@gmail.com>, r=dveditz

git-svn-id: svn://10.0.0.236/trunk@195863 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-03 00:44:36 +00:00 · 2006-05-03 00:44:36 +00:00 · af0fa707f2
commit af0fa707f2
parent af6e79377e
1 changed files with 8 additions and 1 deletions
--- a/mozilla/browser/base/content/browser.js
+++ b/mozilla/browser/base/content/browser.js
@ -4559,7 +4559,14 @@ nsContextMenu.prototype = {
    },
    // Open clicked-in frame in the same window.
    showOnlyThisFrame : function () {
-        window.loadURI(this.target.ownerDocument.location.href, null, null, false);
+        try {
+          const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
+                         .getService(Components.interfaces.nsIScriptSecurityManager);
+          const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
+          secMan.checkLoadURI(gBrowser.currentURI, makeURI(this.target.ownerDocument.location.href),
+                              nsIScriptSecMan.DISALLOW_SCRIPT);
+          window.loadURI(this.target.ownerDocument.location.href, null, null, false);
+        } catch(e) {}
    },
    // View Partial Source
    viewPartialSource : function ( context ) {