In particular, what behavior is wanted here with signed jars? Should one be able to link from inside a signed jar to things from the same site? To things with the same signed jar? Should one be able to link from an unsigned part of a site to schema from a signed jar? Perhaps the check should be performed post-load, on the principal of the result, not pre-load?
nsXFormsUtils has a similar setup, but there it's possible that we're checking whether it's OK to _send_ data. Perhaps we need a principal version of nsIScriptSecurityManager::CheckConnect or something? One that would handle document.domain being set correctly, unlike CheckSameOriginPrincipal?
Summary: Consider eliminating explicit same-origin check in nsSchemaLoader → Reconsider explicit same-origin checks in nsSchemaLoader and nsXFormsUtils
This code has switched to CheckMayLoad(), looks like. It's still not clear that this is the right thing for it to be doing, but ok.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard