Bug 1224225: Use GetAsciiHost in CSP source matching code r=ckerschb
MozReview-Commit-ID: B7SwUEMiVwc
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -266,17 +266,17 @@ CSP_ContentTypeToDirective(nsContentPoli
return nsIContentSecurityPolicy::DEFAULT_SRC_DIRECTIVE;
}
nsCSPHostSrc*
CSP_CreateHostSrcFromURI(nsIURI* aURI)
{
// Create the host first
nsCString host;
- aURI->GetHost(host);
+ aURI->GetAsciiHost(host);
nsCSPHostSrc *hostsrc = new nsCSPHostSrc(NS_ConvertUTF8toUTF16(host));
// Add the scheme.
nsCString scheme;
aURI->GetScheme(scheme);
hostsrc->setScheme(NS_ConvertUTF8toUTF16(scheme));
int32_t port;
@@ -638,17 +638,17 @@ nsCSPHostSrc::permits(nsIURI* aUri, cons
return false;
}
return true;
}
// Before we can check if the host matches, we have to
// extract the host part from aUri.
nsAutoCString uriHost;
- nsresult rv = aUri->GetHost(uriHost);
+ nsresult rv = aUri->GetAsciiHost(uriHost);
NS_ENSURE_SUCCESS(rv, false);
nsString decodedUriHost;
CSP_PercentDecodeStr(NS_ConvertUTF8toUTF16(uriHost), decodedUriHost);
// 4.5) host matching: Check if the allowed host starts with a wilcard.
if (mHost.First() == '*') {
NS_ASSERTION(mHost[1] == '.', "Second character needs to be '.' whenever host starts with '*'");