Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disallowing javascript or data schemes in a redirect. r=mstoltz, sr=brendan, a=rjesup, b=195201

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@143054 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
dougt%meer.net
2003-05-29 21:56:38 +00:00
parent 43e230ebe2
commit e70ad5a847
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mozilla/caps/src/nsScriptSecurityManager.cpp
View File

@@ -1217,7 +1217,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
}
//-- Some callers do not allow loading javascript: or data: URLs
if ((aFlags & nsIScriptSecurityManager::DISALLOW_JAVASCRIPT) &&
if ((aFlags & nsIScriptSecurityManager::DISALLOW_SCRIPT_OR_DATA) &&
(targetScheme.Equals("javascript") || targetScheme.Equals("data")))
{
return NS_ERROR_DOM_BAD_URI;