Closed Bug 426308 Opened 12 years ago Closed 12 years ago
Cross site XHR backout broke redirect handling for privileged code
If chrome privileged code tries an XHR against a URL that responds with a redirect that goes to a different domain, a security error is thrown. In FF2, this would work. The cross site XHR backout busted this.
This restores the logic from FF2.
Attachment #312869 - Flags: review?(jonas)
"Backing it out can't break anything!"
Flags: blocking1.9? → blocking1.9+
Priority: -- → P1
Comment on attachment 312869 [details] [diff] [review] Patch to fix with testcase There should already be a redirect url you can use. Please use that rather than creating your own.
Attachment #312869 - Flags: review?(jonas) → review+
Attachment #312869 - Flags: superreview+
Comment on attachment 312869 [details] [diff] [review] Patch to fix with testcase Asking for a1.9? There isn't a generic redirect sjs, I filed bug #426454 for that.
Comment on attachment 312869 [details] [diff] [review] Patch to fix with testcase Approval not needed. It's a blocker.
Checking in content/base/src/nsXMLHttpRequest.cpp; /cvsroot/mozilla/content/base/src/nsXMLHttpRequest.cpp,v <-- nsXMLHttpRequest.cpp new revision: 1.235; previous revision: 1.234 done Checking in content/base/test/Makefile.in; /cvsroot/mozilla/content/base/test/Makefile.in,v <-- Makefile.in new revision: 1.68; previous revision: 1.67 done RCS file: /cvsroot/mozilla/content/base/test/bug426308-redirect.sjs,v done Checking in content/base/test/bug426308-redirect.sjs; /cvsroot/mozilla/content/base/test/bug426308-redirect.sjs,v <-- bug426308-redirect.sjs initial revision: 1.1 done RCS file: /cvsroot/mozilla/content/base/test/test_bug426308.html,v done Checking in content/base/test/test_bug426308.html; /cvsroot/mozilla/content/base/test/test_bug426308.html,v <-- test_bug426308.html initial revision: 1.1 done
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9
You need to log in before you can comment on or make changes to this bug.