Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixing bug 296830. Use the principal of the calling code in document.open(), not that of the calling window. r=dveditz@cruzio.com, sr=brendan@mozilla.org, a=dveditz@cruzio.com

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@174851 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
jst%mozilla.jstenback.com
2005-06-20 16:18:35 +00:00
parent 4c7592ed15
commit fecaf7f5b3
2 changed files with 3 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
mozilla/content/html/document/src/nsHTMLDocument.cpp
View File

@@ -1826,21 +1826,6 @@ nsHTMLDocument::SetCookie(const nsAString& aCookie)
return NS_OK;
}
// static
nsIPrincipal *
nsHTMLDocument::GetCallerPrincipal()
{
// XXX This will fail on non-DOM contexts :(
nsIDOMDocument *domDoc = nsContentUtils::GetDocumentFromCaller();
nsCOMPtr<nsIDocument> doc(do_QueryInterface(domDoc));
if (!doc) {
return nsnull; // No document in the window
}
return doc->GetPrincipal();
}
// XXX TBI: accepting arguments to the open method.
nsresult
nsHTMLDocument::OpenCommon(const nsACString& aContentType, PRBool aReplace)
@@ -1868,7 +1853,9 @@ nsHTMLDocument::OpenCommon(const nsACString& aContentType, PRBool aReplace)
if (callerDoc) {
securityInfo = callerDoc->GetSecurityInfo();
callerPrincipal = GetCallerPrincipal();
nsContentUtils::GetSecurityManager()->
GetSubjectPrincipal(getter_AddRefs(callerPrincipal));
}
// The URI for the document after this call. Get it from the calling