Bug 863246 - Remove compatibility for add-on
MozReview-Commit-ID: IdG6sw0d2EQ
--- a/browser/extensions/onboarding/jar.mn
+++ b/browser/extensions/onboarding/jar.mn
@@ -1,12 +1,14 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
[features/onboarding@mozilla.org] chrome.jar:
-% resource onboarding %content/
+ # resource://onboarding/ is referenced in about:home and about:newtab,
+ # so make it content-accessible.
+% resource onboarding %content/ contentaccessible=yes
content/ (content/*)
# Package UITour-lib.js in here rather than under
# /browser/components/uitour to avoid "unreferenced files" error when
# Onboarding extension is not built.
content/lib/UITour-lib.js (/browser/components/uitour/UITour-lib.js)
content/modules/ (*.jsm)
--- a/chrome/nsChromeRegistryChrome.cpp
+++ b/chrome/nsChromeRegistryChrome.cpp
@@ -922,26 +922,19 @@ nsChromeRegistryChrome::ManifestResource
if (!CanLoadResource(resolved)) {
LogMessageWithContext(cx.GetManifestURI(), lineno, nsIScriptError::warningFlag,
"Warning: cannot register non-local URI '%s' as a resource.",
uri);
return;
}
- bool contentAccessible = false;
- if ((cx.mType == NS_EXTENSION_LOCATION) || (cx.mType == NS_BOOTSTRAPPED_LOCATION)) {
- // This is a browser extension. By default, extension resources are
- // content-accessible unless the manifest opts out.
- contentAccessible = !(flags & nsChromeRegistry::CONTENT_INACCESSIBLE);
- } else {
- // This manifest is part of Firefox. By default, Firefox resources are
- // not content-accessible unless the manifests opts in.
- contentAccessible = (flags & nsChromeRegistry::CONTENT_ACCESSIBLE);
- }
+ // By default, Firefox resources are not content-accessible unless the
+ // manifests opts in.
+ bool contentAccessible = (flags & nsChromeRegistry::CONTENT_ACCESSIBLE);
uint32_t substitutionFlags = 0;
if (contentAccessible) {
substitutionFlags |= nsIResProtocolHandler::ALLOW_CONTENT_ACCESS;
}
rv = rph->SetSubstitutionWithFlags(host, resolved, substitutionFlags);
if (NS_FAILED(rv)) {
LogMessageWithContext(cx.GetManifestURI(), lineno, nsIScriptError::warningFlag,
--- a/netwerk/protocol/res/SubstitutingProtocolHandler.cpp
+++ b/netwerk/protocol/res/SubstitutingProtocolHandler.cpp
@@ -292,18 +292,19 @@ SubstitutingProtocolHandler::AllowPort(i
//----------------------------------------------------------------------------
// nsISubstitutingProtocolHandler
//----------------------------------------------------------------------------
nsresult
SubstitutingProtocolHandler::SetSubstitution(const nsACString& root, nsIURI *baseURI)
{
- // Because add-ons use this API to register new substitutions we have to allow it :/
- return SetSubstitutionWithFlags(root, baseURI, nsISubstitutingProtocolHandler::ALLOW_CONTENT_ACCESS);
+ // Add-ons use this API but they should not be able to make anything
+ // content-accessible.
+ return SetSubstitutionWithFlags(root, baseURI, 0);
}
nsresult
SubstitutingProtocolHandler::SetSubstitutionWithFlags(const nsACString& root, nsIURI *baseURI, uint32_t flags)
{
if (!baseURI) {
mSubstitutions.Remove(root);
NotifyObservers(root, baseURI);