From fed080c0cfec93fd1b5fb0910c2f9a2698dd4899 Mon Sep 17 00:00:00 2001
From: "gavin%gavinsharp.com"
 <gavin%gavinsharp.com@18797224-902f-48f8-a5cc-f745e15eee43>
Date: Mon, 21 Aug 2006 18:41:08 +0000
Subject: [PATCH] Bug 335334: simplify checkLoadURI callers, r=mconnor,
 sr=bzbarsky

git-svn-id: svn://10.0.0.236/trunk@208016 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/browser/base/content/browser.js     | 55 +++++++--------------
 mozilla/toolkit/content/contentAreaUtils.js | 16 +++---
 2 files changed, 27 insertions(+), 44 deletions(-)

diff --git a/mozilla/browser/base/content/browser.js b/mozilla/browser/base/content/browser.js
index 633a3d59645..319b4be6a30 100644
--- a/mozilla/browser/base/content/browser.js
+++ b/mozilla/browser/base/content/browser.js
@@ -2466,11 +2466,9 @@ var urlbarObserver = {
 
         try {
           gURLBar.value = url;
-          var uri = makeURI(gURLBar.value);
-          const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                                   .getService(Components.interfaces.nsIScriptSecurityManager);
           const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
-          secMan.checkLoadURI(gBrowser.currentURI, uri, nsIScriptSecMan.DISALLOW_SCRIPT_OR_DATA);
+          urlSecurityCheck(gURLBar.value, gBrowser.currentURI.spec,
+                           nsIScriptSecMan.DISALLOW_SCRIPT_OR_DATA);
           handleURLBarCommand();
         } catch (ex) {}
       }
@@ -2904,12 +2902,11 @@ var goButtonObserver = {
       var url = getShortcutOrURI(draggedText, postData);
       try {
         getBrowser().dragDropSecurityCheck(aEvent, aDragSession, url);
-        var uri = makeURI(url);
-        const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                                 .getService(Components.interfaces.nsIScriptSecurityManager);
+
         const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
-        secMan.checkLoadURI(gBrowser.currentURI, uri, nsIScriptSecMan.DISALLOW_SCRIPT_OR_DATA);
-        loadURI(uri.spec, null, postData.value, true);
+        urlSecurityCheck(url, gBrowser.currentURI.spec,
+                         nsIScriptSecMan.DISALLOW_SCRIPT_OR_DATA);
+        loadURI(url, null, postData.value, true);
       } catch (ex) {}
     },
   getSupportedFlavours: function ()
@@ -4814,12 +4811,10 @@ nsContextMenu.prototype = {
     // Open clicked-in frame in the same window.
     showOnlyThisFrame : function () {
         try {
-          const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                         .getService(Components.interfaces.nsIScriptSecurityManager);
-          const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
-          secMan.checkLoadURI(gBrowser.currentURI, makeURI(this.target.ownerDocument.location.href),
-                              nsIScriptSecMan.DISALLOW_SCRIPT);
-          window.loadURI(this.target.ownerDocument.location.href, null, null, false);
+          var frameURL = this.target.ownerDocument.location.href;
+          urlSecurityCheck(frameURL, gBrowser.currentURI.spec,
+                           nsIScriptSecMan.DISALLOW_SCRIPT);
+          window.loadURI(frameURL, null, null, false);
         } catch(e) {}
     },
     // View Partial Source
@@ -4859,31 +4854,17 @@ nsContextMenu.prototype = {
     },
     // Change current window to the URL of the image.
     viewImage : function (e) {
-        urlSecurityCheck( this.imageURL, this.docURL );
-        try {
-          if (this.docURL != gBrowser.currentURI) {
-            const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                           .getService(Components.interfaces.nsIScriptSecurityManager);
-            const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
-            secMan.checkLoadURI(gBrowser.currentURI, makeURI(this.imageURL),
-                                nsIScriptSecMan.DISALLOW_SCRIPT);
-          }
-          openUILink( this.imageURL, e );
-        } catch(e) {}
+        const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
+        urlSecurityCheck( this.imageURL, gBrowser.currentURI.spec,
+                          nsIScriptSecMan.DISALLOW_SCRIPT );
+        openUILink( this.imageURL, e );
     },
     // Change current window to the URL of the background image.
     viewBGImage : function (e) {
-        urlSecurityCheck( this.bgImageURL, this.docURL );
-        try {
-          if (this.docURL != gBrowser.currentURI) {
-            const secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                           .getService(Components.interfaces.nsIScriptSecurityManager);
-            const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
-            secMan.checkLoadURI(gBrowser.currentURI, makeURI(this.bgImageURL),
-                                nsIScriptSecMan.DISALLOW_SCRIPT);
-          }
-          openUILink( this.bgImageURL, e );
-        } catch(e) {}
+        const nsIScriptSecMan = Components.interfaces.nsIScriptSecurityManager;
+        urlSecurityCheck( this.bgImageURL, gBrowser.currentURI.spec,
+                          nsIScriptSecMan.DISALLOW_SCRIPT );
+        openUILink( this.bgImageURL, e );
     },
     disableSetDesktopBackground: function() {
         // Disable the Set as Desktop Background menu item if we're still trying
diff --git a/mozilla/toolkit/content/contentAreaUtils.js b/mozilla/toolkit/content/contentAreaUtils.js
index 9f245c6bcc6..71fe1131077 100644
--- a/mozilla/toolkit/content/contentAreaUtils.js
+++ b/mozilla/toolkit/content/contentAreaUtils.js
@@ -109,33 +109,35 @@ function openNewWindowWith(href, sourceURL, postData, allowThirdPartyFixup)
 }
 
 /**
- * urlSecurityCheck: JavaScript wrapper for CheckLoadURI.
+ * urlSecurityCheck: JavaScript wrapper for CheckLoadURIStr.
  * If |sourceURL| is not allowed to link to |url|, this function throws with an error message.
  *
  * @param url The URL a page has linked to.
  * @param sourceURL The URL of the document from which the URL came.
+ * @param flags Flags to be passed to checkLoadURIStr. If undefined,
+ *              nsIScriptSecurityManager.STANDARD will be passed to checkLoadURIStr.
  */
-function urlSecurityCheck(url, sourceURL)
+function urlSecurityCheck(url, sourceURL, flags)
 {
   const nsIScriptSecurityManager = Components.interfaces.nsIScriptSecurityManager;
   var secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
                          .getService(nsIScriptSecurityManager);
+  if (flags === undefined)
+    flags = nsIScriptSecurityManager.STANDARD;
+
   try {
-    secMan.checkLoadURIStr(sourceURL, url, nsIScriptSecurityManager.STANDARD);
+    secMan.checkLoadURIStr(sourceURL, url, flags);
   } catch (e) {
     throw "Load of " + url + " from " + sourceURL + " denied.";
   }
 }
 
 function webPanelSecurityCheck(aSourceURL, aDestURL) {
-  var sourceURI = makeURI(aSourceURL);
-  var destURI = makeURI(aDestURL);
-
   const nsIScriptSecurityManager = Components.interfaces.nsIScriptSecurityManager;
   var secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
                          .getService(nsIScriptSecurityManager);
   try {
-    secMan.checkLoadURI(sourceURI, destURI, nsIScriptSecurityManager.STANDARD);
+    secMan.checkLoadURIStr(aSourceURL, aDestURL, nsIScriptSecurityManager.STANDARD);
   } catch (e) {
     return false;
   }