summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-11-01 20:35:06 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-11-01 20:35:06 +0100
commitf62eee7c510238bf93b6ad43acd8b8a79a44417c (patch)
tree901210cd14f0d32f354b7ebd2ca9c29a530e4bdf
parente8f913da98fdc9b2c0777dcbebd93bf64feb1dab (diff)
downloaduxp-f62eee7c510238bf93b6ad43acd8b8a79a44417c.tar.gz
Bug 1460538
-rw-r--r--modules/libjar/nsJARChannel.cpp19
1 files changed, 19 insertions, 0 deletions
diff --git a/modules/libjar/nsJARChannel.cpp b/modules/libjar/nsJARChannel.cpp
index ee60602dae..2f721fa3f5 100644
--- a/modules/libjar/nsJARChannel.cpp
+++ b/modules/libjar/nsJARChannel.cpp
@@ -995,6 +995,25 @@ nsJARChannel::OnStartRequest(nsIRequest *req, nsISupports *ctx)
mRequest = req;
nsresult rv = mListener->OnStartRequest(this, mListenerContext);
mRequest = nullptr;
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // Restrict loadable content types.
+ nsAutoCString contentType;
+ GetContentType(contentType);
+ auto contentPolicyType = mLoadInfo->GetExternalContentPolicyType();
+ if (contentType.Equals(APPLICATION_HTTP_INDEX_FORMAT) &&
+ contentPolicyType != nsIContentPolicy::TYPE_DOCUMENT &&
+ contentPolicyType != nsIContentPolicy::TYPE_FETCH) {
+ return NS_ERROR_CORRUPTED_CONTENT;
+ }
+ if (contentPolicyType == nsIContentPolicy::TYPE_STYLESHEET &&
+ !contentType.EqualsLiteral(TEXT_CSS)) {
+ return NS_ERROR_CORRUPTED_CONTENT;
+ }
+ if (contentPolicyType == nsIContentPolicy::TYPE_SCRIPT &&
+ !nsContentUtils::IsJavascriptMIMEType(NS_ConvertUTF8toUTF16(contentType))) {
+ return NS_ERROR_CORRUPTED_CONTENT;
+ }
return rv;
}