Bug 1321247, sanitize forms out of the RSS reader, r?dveditz draft
authorGijs Kruitbosch <gijskruitbosch@gmail.com>
Fri, 06 Jan 2017 15:39:16 +0000
changeset 457245 ede024096ba22be28aef484613d83095505d6ab4
parent 456716 a14094edbad78fc1d16e8d4c57902537cf286fd1
child 541439 4812094e8f6dd07fd23565613119d2c1ae870c17
push id40728
push usergijskruitbosch@gmail.com
push dateSat, 07 Jan 2017 11:41:19 +0000
reviewersdveditz
bugs1321247
milestone53.0a1
Bug 1321247, sanitize forms out of the RSS reader, r?dveditz MozReview-Commit-ID: DOPHvrYv3wJ
toolkit/components/feeds/FeedProcessor.js
--- a/toolkit/components/feeds/FeedProcessor.js
+++ b/toolkit/components/feeds/FeedProcessor.js
@@ -620,17 +620,18 @@ TextConstruct.prototype = {
     var isXML;
     if (this.type == "xhtml")
       isXML = true
     else if (this.type == "html")
       isXML = false;
     else
       return null;
 
-    return this.parserUtils.parseFragment(this.text, 0, isXML,
+    let flags = Ci.nsIParserUtils.SanitizerDropForms;
+    return this.parserUtils.parseFragment(this.text, flags, isXML,
                                           this.base, element);
   },
 
   // XPCOM stuff
   classID: TEXTCONSTRUCT_CLASSID,
   QueryInterface: XPCOMUtils.generateQI([Ci.nsIFeedTextConstruct])
 }
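Review bot: The new `let flags = Ci.nsIParserUtils.SanitizerDropForms;` line has no comment saying why form controls are stripped, so a later cleanup could set the argument back to `0` without noticing that it is a security control. I would add above it `// Feed text is untrusted content: have the sanitizer drop form controls so a feed entry cannot present input fields in the reader.` The commit as shown touches only FeedProcessor.js, so no regression test is visible. A test that passes text containing a `<form>` through both the `html` and `xhtml` branches and asserts the returned fragment has no form elements would pin the behaviour. As a minor style point, `flags` is never reassigned and could be `const`; the enclosing method begins above the hunk, so how `element` and `this.base` are prepared cannot be reviewed from here.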