From ba5d92f71c19ffca5cc8280ae7be1d781f1499dd Mon Sep 17 00:00:00 2001
From: "mstoltz%netscape.com"
Date: Sat, 29 Jul 2006 05:36:37 +0000
Subject: [PATCH] More fixes for 55237, cleaned up CheckLoadURI and added a check on "Edit This Link." Also added error reporting (bug 40538). r=beard, sr=hyatt
git-svn-id: svn://10.0.0.236/trunk@205401 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/suite/common/contentAreaUtils.js | 20 +++++++-------------
 mozilla/suite/common/utilityOverlay.js | 14 ++++++++++++++
 2 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/mozilla/suite/common/contentAreaUtils.js b/mozilla/suite/common/contentAreaUtils.js
index 612f0daccab..d5377ca2e08 100644
--- a/mozilla/suite/common/contentAreaUtils.js
+++ b/mozilla/suite/common/contentAreaUtils.js
@@ -39,24 +39,18 @@ function openNewWindowWith(url) { - // URL Loading Security Check - const nsIStandardURL = Components.interfaces.nsIStandardURL; - const nsIURI = Components.interfaces.nsIURI; - const stdURL = Components.classes["@mozilla.org/network/standard-url;1"]; - - var sourceURL = stdURL.createInstance(nsIStandardURL); - var focusedWindow = document.commandDispatcher.focusedWindow; + // URL Loading Security Check + var focusedWindow = document.commandDispatcher.focusedWindow; var sourceWin = isDocumentFrame(focusedWindow) ? focusedWindow.location.href : window._content.location.href; - sourceURL.init(nsIStandardURL.URLTYPE_STANDARD, 80, sourceWin, null); - - var targetURL = stdURL.createInstance(nsIStandardURL); - targetURL.init(nsIStandardURL.URLTYPE_STANDARD, 80, url, null); const nsIScriptSecurityManager = Components.interfaces.nsIScriptSecurityManager; var secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"].getService(). QueryInterface(nsIScriptSecurityManager); - secMan.checkLoadURI(sourceURL, targetURL, nsIScriptSecurityManager.STANDARD); - + try { + secMan.checkLoadURIStr(sourceWin, url, nsIScriptSecurityManager.STANDARD); + } catch (e) { + throw "Load of " + url + " denied."; + } var newWin; var wintype = document.firstChild.getAttribute('windowtype'); diff --git a/mozilla/suite/common/utilityOverlay.js b/mozilla/suite/common/utilityOverlay.js index db7dfa1a729..7a25d6e7c94 100644 --- a/mozilla/suite/common/utilityOverlay.js +++ b/mozilla/suite/common/utilityOverlay.js 
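Review bot: The new `catch (e)` around `checkLoadURIStr` discards `e` and throws a bare string, so every failure of that call (a denied load, but possibly also a malformed URL) is reported as "denied" with no stack and no original error code. Keeping the cause lets a blocked load be told apart from a bug during triage: `throw new Error("Load of " + url + " denied: " + e);`. The same pattern appears in the editPage hunk in utilityOverlay.js (`throw "Edit of " + url + " denied.";`). The check block is also copied nearly verbatim between the two files, so a shared helper taking the source window and target URL would keep the two security checks from drifting apart. openNewWindowWith continues outside the hunk.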
@@ -281,6 +281,20 @@ function editPage(url, launchWindow, delay) } } + // URL Loading Security Check + var focusedWindow = launchWindow.document.commandDispatcher.focusedWindow; + var sourceWin = isDocumentFrame(focusedWindow) ? focusedWindow.location.href : focusedWindow._content.location.href; + + const nsIScriptSecurityManager = Components.interfaces.nsIScriptSecurityManager; + var secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"].getService(). + QueryInterface(nsIScriptSecurityManager); + try { + secMan.checkLoadURIStr(sourceWin, url, nsIScriptSecurityManager.STANDARD); + } catch (e) { + throw "Edit of " + url + " denied."; + } + + var windowManager = Components.classes['@mozilla.org/rdf/datasource;1?name=window-mediator'].getService(); if (!windowManager) return; var windowManagerInterface = windowManager.QueryInterface( Components.interfaces.nsIWindowMediator);
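Review bot: The fallback for `sourceWin` here reads `focusedWindow._content.location.href`, whereas the same check in openNewWindowWith falls back to `window._content`; the source URL handed to `checkLoadURIStr` decides the policy outcome, so it should come from the browser window that owns the link. If the difference is not intentional, `launchWindow._content.location.href` would mirror the other call site. `focusedWindow` is also dereferenced without a null check, which appears to fail closed (the exception aborts the edit) but would surface as a TypeError rather than the "denied" message. editPage starts and ends outside the hunk, so whether `url` is already used before this check cannot be confirmed from here.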