Mercurial > mozreview > gecko / changeset / ab80c67351a1162fd1e578f53f691547172f13e8
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1375243 - Explicitly create a URI object to avoid sync URI fixups from the content process. r=Gijs draft
authorBlake Kaplan <mrbkap@gmail.com>
Thu, 10 Aug 2017 17:19:35 -0700
changeset 644451 ab80c67351a1162fd1e578f53f691547172f13e8
parent 642173 fde1450a4368d04e97174e2eb00fb48901179857
child 725616 fe345acc77ed304124e1b0f90e2c24aa90525699
push id73446
push userbmo:mrbkap@mozilla.com
push dateFri, 11 Aug 2017 00:20:06 +0000
reviewersGijs
bugs1375243
milestone57.0a1
Bug 1375243 - Explicitly create a URI object to avoid sync URI fixups from the content process. r=Gijs I'm not entirely certain that we need to pass the charset here, but it seems like it might be needed based on my reading of the code. This also fixes a test to mock a link node better (we must have an ownerDocument that will have a characterSet). MozReview-Commit-ID: 5L1dKocNX0h
browser/base/content/test/general/browser_bug413915.js file | annotate | diff | comparison | revisions
browser/modules/Feeds.jsm file | annotate | diff | comparison | revisions 
--- a/browser/base/content/test/general/browser_bug413915.js
+++ b/browser/base/content/test/general/browser_bug413915.js
@@ -2,17 +2,24 @@ XPCOMUtils.defineLazyModuleGetter(this, 
   "resource:///modules/Feeds.jsm");
 
 function test() {
   var exampleUri = makeURI("http://example.com/");
   var secman = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
   var principal = secman.createCodebasePrincipal(exampleUri, {});
 
   function testIsFeed(aTitle, aHref, aType, aKnown) {
-    var link = { title: aTitle, href: aHref, type: aType };
+    var link = {
+      title: aTitle,
+      href: aHref,
+      type: aType,
+      ownerDocument: {
+        characterSet: "UTF-8"
+      }
+    };
     return Feeds.isValidFeed(link, principal, aKnown);
   }
 
   var href = "http://example.com/feed/";
   var atomType = "application/atom+xml";
   var funkyAtomType = " aPPLICAtion/Atom+XML ";
   var rssType = "application/rss+xml";
   var funkyRssType = " Application/RSS+XML  ";
--- a/browser/modules/Feeds.jsm
+++ b/browser/modules/Feeds.jsm
@@ -70,24 +70,19 @@ this.Feeds = {
 
     var type = aLink.type.toLowerCase().replace(/^\s+|\s*(?:;.*)?$/g, "");
     if (!aIsFeed) {
       aIsFeed = (type == "application/rss+xml" ||
                  type == "application/atom+xml");
     }
 
     if (aIsFeed) {
-      // re-create the principal as it may be a CPOW.
-      // once this can't be a CPOW anymore, we should just use aPrincipal instead
-      // of creating a new one.
-      let principalURI = BrowserUtils.makeURIFromCPOW(aPrincipal.URI);
-      let principalToCheck =
-        Services.scriptSecurityManager.createCodebasePrincipal(principalURI, aPrincipal.originAttributes);
       try {
-        BrowserUtils.urlSecurityCheck(aLink.href, principalToCheck,
+        let href = BrowserUtils.makeURI(aLink.href, aLink.ownerDocument.characterSet);
+        BrowserUtils.urlSecurityCheck(href, aPrincipal,
                                       Ci.nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL);
         return type || "application/rss+xml";
       } catch (ex) {
       }
     }
 
     return null;
   },
gecko
Deployed from 40235b0325de at 2025-05-05T21:19:47Z.