summaryrefslogtreecommitdiff
path: root/browser/base/content/utilityOverlay.js
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-05-01 00:22:01 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-05-01 00:22:01 +0200
commitcc4036a9cd56d504667c07fe215e61b22ab0e1f4 (patch)
tree5c7dea17ce684c1cce57011ef487370c22d0e677 /browser/base/content/utilityOverlay.js
parent855f11d8f6789bcf10442f8e426bfc1f66bf834d (diff)
downloaduxp-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.tar.gz
Bug 1344706 - Do not reuse originPrincipal as triggeringPrincipal within utilityOverlay.js
Diffstat (limited to 'browser/base/content/utilityOverlay.js')
-rw-r--r--browser/base/content/utilityOverlay.js23
1 files changed, 15 insertions, 8 deletions
diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js
index 4b6f78bf3d..b041915a7c 100644
--- a/browser/base/content/utilityOverlay.js
+++ b/browser/base/content/utilityOverlay.js
@@ -225,6 +225,7 @@ function openLinkIn(url, where, params) {
var aUserContextId = params.userContextId;
var aIndicateErrorPageLoad = params.indicateErrorPageLoad;
var aPrincipal = params.originPrincipal;
+ var aTriggeringPrincipal = params.triggeringPrincipal;
var aForceAboutBlankViewerInCurrent =
params.forceAboutBlankViewerInCurrent;
@@ -264,13 +265,18 @@ function openLinkIn(url, where, params) {
// Please note we do not have to do that for SystemPrincipals and we
// can not do it for NullPrincipals since NullPrincipals are only
// identical if they actually are the same object (See Bug: 1346759)
- if (aPrincipal && aPrincipal.isCodebasePrincipal) {
- let attrs = {
- userContextId: aUserContextId,
- privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)),
- };
- aPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(aPrincipal.URI, attrs);
+ function useOAForPrincipal(principal) {
+ if (principal && principal.isCodebasePrincipal) {
+ let attrs = {
+ userContextId: aUserContextId,
+ privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)),
+ };
+ return Services.scriptSecurityManager.createCodebasePrincipal(principal.URI, attrs);
+ }
+ return principal;
}
+ aPrincipal = useOAForPrincipal(aPrincipal);
+ aTriggeringPrincipal = useOAForPrincipal(aTriggeringPrincipal);
if (!w || where == "window") {
// Strip referrer data when opening a new private window, to prevent
@@ -321,6 +327,7 @@ function openLinkIn(url, where, params) {
sa.appendElement(referrerPolicySupports, /* weak =*/ false);
sa.appendElement(userContextIdSupports, /* weak =*/ false);
sa.appendElement(aPrincipal, /* weak =*/ false);
+ sa.appendElement(aTriggeringPrincipal, /* weak =*/ false);
let features = "chrome,dialog=no,all";
if (aIsPrivate) {
@@ -407,7 +414,7 @@ function openLinkIn(url, where, params) {
}
aCurrentBrowser.loadURIWithFlags(url, {
- triggeringPrincipal: aPrincipal,
+ triggeringPrincipal: aTriggeringPrincipal,
flags: flags,
referrerURI: aNoReferrer ? null : aReferrerURI,
referrerPolicy: aReferrerPolicy,
@@ -433,7 +440,7 @@ function openLinkIn(url, where, params) {
noReferrer: aNoReferrer,
userContextId: aUserContextId,
originPrincipal: aPrincipal,
- triggeringPrincipal: aPrincipal,
+ triggeringPrincipal: aTriggeringPrincipal,
});
browserUsedForLoad = tabUsedForLoad.linkedBrowser;
break;