Closed
Bug 278773
Opened 20 years ago
Closed 20 years ago
Various toolkit code incorrectly constructs URIs
Categories
(Core :: SQLite and Embedded Database Bindings, defect, P2)
Core
SQLite and Embedded Database Bindings
Tracking
()
RESOLVED
FIXED
mozilla1.8final
People
(Reporter: bzbarsky, Assigned: Gavin)
References
()
Details
(Whiteboard: [sg:fix])
Attachments
(1 file, 1 obsolete file)
|
15.44 KB,
patch
|
Details | Diff | Splinter Review |
Unless you're implementing a protocol, creating an nsIURI object by
instantiating an nsStandardURL and setting the spec is almost certainly the
wrong thing to do. This will lead to bugs for various URIs, ranging from data:
and javascript: to jar: (and we don't really want to break signed jars any more
than we have to, please). Especially troubling, to me, are the cases where the
incorrectly-created URI object is then used in security checks. This could
cause real issues in both directions (checks failing when they should succeed,
and the other way around).
The URL in the url field shows a number of hits for the contractid in various
tookit files. Spot-checks show that every single case I've looked at should be
using either nsIIOService.newURI or nsIIOService.newFileURI (the latter in
toolkit/mozapps/extensions/src/nsExtensionManager.js.in, for example).
It may be that the hits under toolkit/ don't belong in the toolkit product
(since none of the components seem relevant), but I can't tell for sure, so
filing this just in case and picking a random component.
|
Reporter | |
Comment 1•20 years ago
|
||
Bug 278772 is the equivalent Firefox bug.
|
||
Updated•20 years ago
|
Whiteboard: [sg;fix]
|
Assignee | |
Updated•20 years ago
|
Whiteboard: [sg;fix] → [sg:fix]
|
|
Assignee | |
Updated•20 years ago
|
Assignee: vladimir → gavin.sharp
|
|
Assignee | |
Comment 2•20 years ago
|
||
|
|
Assignee | |
Updated•20 years ago
|
Attachment #176378 -
Flags: second-review?(darin)
Attachment #176378 -
Flags: first-review?(mconnor)
|
||
Comment 3•20 years ago
|
||
Comment on attachment 176378 [details] [diff] [review]
Patch v1
>Index: toolkit/mozapps/downloads/content/downloads.js
> for (var i = 0; i < numXPInstallItems;) {
> // Pretty Name
> var displayName = aParams.GetString(i++);
>
> // URI
>+ var uri = Components.classes["@mozilla.org/network/io-service;1"]
>+ .getService(Components.interfaces.nsIIOService)
>+ .newURI(aParams.GetString(i++), null, null);
I think it would be wise to move the getService call out of
the body of the loop. Otherwise, you are doing duplicate
work for each iteration.
looks good otherwise. r=darin
Attachment #176378 -
Flags: second-review?(darin) → second-review+
|
|
Assignee | |
Comment 4•20 years ago
|
||
Attachment #176378 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•20 years ago
|
Attachment #176378 -
Flags: first-review?(mconnor)
|
|
Assignee | |
Updated•20 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [sg:fix] → [checkin needed] [sg:fix]
|
|
Assignee | |
Updated•20 years ago
|
Attachment #176403 -
Attachment description: Revised → Revised (checked in)
|
|
Assignee | |
Updated•20 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Whiteboard: [checkin needed] [sg:fix] → [sg:fix]
|
|
Assignee | |
Updated•19 years ago
|
Target Milestone: --- → mozilla1.8final
|
||
Updated•18 years ago
|
Flags: in-testsuite-
|
||
Updated•6 months ago
|
Product: Toolkit → Core
You need to log in
before you can comment on or make changes to this bug.
Description
•