Closed Bug 1190569 Opened 9 years ago Closed 8 years ago

docshell should do CheckLoadURI checks

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1276681

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog]) 

Currently callsites have to perform CheckLoadURI checks before calling nsDocShell::OnLinkClick. It would be better if docshell performs that task. One could remove the function DoURLLoadSecurityCheck from nsPluginHost::GetURLWithHeaders.

STR:
run test_bug813906.html and observe the following stack:


> #01: nsDocShell::OnLinkClick(nsIContent*, nsIURI*, char16_t const*,
> nsAString_internal const&, nsIInputStream*, nsIInputStream*, bool)
> (/home/ckerschb/moz/mc/docshell/base/nsDocShell.cpp:13284)
> #02: non-virtual thunk to nsDocShell::OnLinkClick(nsIContent*, nsIURI*,
> char16_t const*, nsAString_internal const&, nsIInputStream*,
> nsIInputStream*, bool)
> (/home/ckerschb/moz/mc-obj-dbg/docshell/base/Unified_cpp_docshell_base0.cpp:
> 13324)
> #03: nsPluginInstanceOwner::GetURL(char const*, char const*,
> nsIInputStream*, void*, unsigned int)
> (/home/ckerschb/moz/mc/dom/plugins/base/nsPluginInstanceOwner.cpp:544)
> #04: nsPluginHost::GetURLWithHeaders(nsNPAPIPluginInstance*, char const*,
> char const*, nsNPAPIPluginStreamListener*, char const*, char const*, bool,
> unsigned int, char const*)
> (/home/ckerschb/moz/mc/dom/plugins/base/nsPluginHost.cpp:535)
> #05: nsPluginHost::GetURL(nsISupports*, char const*, char const*,
> nsNPAPIPluginStreamListener*, char const*, char const*, bool)
> (/home/ckerschb/moz/mc/dom/plugins/base/nsPluginHost.cpp:502)
> #06: ...
Blocks: 1182543
Whiteboard: [domsecurity-backlog]
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.