From dfbb1dc05d0146bb8f12eac0da776cd91c3cdba3 Mon Sep 17 00:00:00 2001
From: Moonchild <moonchild@palemoon.org>
Date: Thu, 4 Nov 2021 20:30:30 +0000
Subject: Prevent form popups from crossing the "line of death".

Without this, doorhangers could potentially be spoofed to overlap legitimate
permission popups like geolocation or plugin permissions.
Another reason doorhangers are evil!
---
 modules/FormValidationHandler.jsm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/FormValidationHandler.jsm b/modules/FormValidationHandler.jsm
index e7e7b14..b88c282 100644
--- a/modules/FormValidationHandler.jsm
+++ b/modules/FormValidationHandler.jsm
@@ -124,7 +124,7 @@ var FormValidationHandler =
     let tabBrowser = aWindow.gBrowser;
     this._anchor = tabBrowser.popupAnchor;
     this._anchor.left = aPanelData.contentRect.left;
-    this._anchor.top = aPanelData.contentRect.top;
+    this._anchor.top = Math.max(0, aPanelData.contentRect.top);
     this._anchor.width = aPanelData.contentRect.width;
     this._anchor.height = aPanelData.contentRect.height;
     this._anchor.hidden = false;
-- 
cgit v1.2.3