Closed Bug 1101584 Opened 5 years ago Closed 5 years ago
Content Utils::Get UTFOrigin should check if the URI has the ns IURIWith Principal interface .
No description provided.
this bug is created because of bug 1058470 comment 23.
Can you add a testcase? For example, loading an iframe from a blob: URI and then checking its location.origin. Or setting the href of an <a> element to a blob: URI and then checking its .origin. Also, don't we need equivalent changes to nsContentUtils::GetASCIIOrigin?
do you mean this kind of test?
Comment on attachment 8525378 [details] [diff] [review] origin.patch Yep, like that. r=me, since I've clearly been looking at this.
Attachment #8525378 - Flags: review?(bugs) → review+
Comment on attachment 8525490 [details] [diff] [review] patch2.patch I'm not totally convinced we want to deal with uriWithPrincipal at all in these methods (feel like they make the methods do something magical, not something that the caller expects), but since bz was ok with the first patch, fine. And looks like URIWithPrincipal is for nsHostObjectURI only atm.
Attachment #8525490 - Flags: review?(bugs) → review+
patch merged: https://tbpl.mozilla.org/?tree=Try&rev=5259cc02e97f
Attachment #8525509 - Attachment is obsolete: true
I had to back out the original patch in https://hg.mozilla.org/integration/mozilla-inbound/rev/df4b53792111 because I couldn't keep holding the tree closed for the fix to land.
The new patch fixes the problem. Sorry for the waiting for the new patch.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
You need to log in before you can comment on or make changes to this bug.