Closed
Bug 525468
Opened 15 years ago
Closed 13 years ago
nsIPrincipal.origin attribute should be based on asciiHost
Categories
(Core :: Security: CAPS, defect)
Core
Security: CAPS
Tracking
()
RESOLVED
FIXED
mozilla10
People
(Reporter: mayhemer, Assigned: mayhemer)
References
Details
(Whiteboard: [inbound])
Attachments
(1 file)
1.76 KB,
patch
|
bzbarsky
:
review+
mayhemer
:
checkin+
|
Details | Diff | Splinter Review |
At the moment this char* attribute is based on nsIURI.hostPort or nsIURI.spec attribute, that is not true ascii representation of URI. This attribute seems not used in the application at all (what should be ones more checked, as it seems to be a bit weird) we should change it to be based on nsIURI.asciiHost (+port) or nsIURI.asciiSpec. This change is needed for sessionStorage hashtable mapping, see bug 495337 comment 11 "So why is the change from asciiHost to host ok here?" and bug 495337 comment 13 for bz's suggestion.
Assignee | ||
Comment 1•15 years ago
|
||
We should also discuss if/how to include a certificate in the origin string attribute. Something like "https://example.com:80:A FINGER PRINT OF THE CERTIFICATE" for example? According html5 spec the origin must reflect (include) the certificate.
Assignee | ||
Comment 2•13 years ago
|
||
This is the first implementation. nsMozIconURI and nsJARURI however return Host (non-ascii) and not AsciiHost when their GetAsciiHost implementation gets called. Maybe that should be fixed as part of this bug or is not an issue at all?
Assignee: dveditz → honzab.moz
Status: NEW → ASSIGNED
Attachment #568712 -
Flags: review?(dveditz)
Attachment #568712 -
Flags: review?(bzbarsky)
Comment 3•13 years ago
|
||
Comment on attachment 568712 [details] [diff] [review] v1 Followup is fine for the broken URI impls.
Attachment #568712 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Updated•13 years ago
|
Attachment #568712 -
Flags: review?(dveditz)
Assignee | ||
Comment 4•13 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/a47adda7f98a
Whiteboard: [inbound]
Version: 1.9.2 Branch → Trunk
Assignee | ||
Updated•13 years ago
|
Attachment #568712 -
Flags: checkin+
Comment 5•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/a47adda7f98a
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla10
You need to log in
before you can comment on or make changes to this bug.
Description
•