summaryrefslogtreecommitdiff
path: root/netwerk
diff options
context:
space:
mode:
authorNew Tobin Paradigm <email@mattatobin.com>2018-04-12 10:49:23 -0400
committerGitHub <noreply@github.com>2018-04-12 10:49:23 -0400
commit4c2e77404f43040ce7a9f0d9052448b3f23a8c28 (patch)
treed7161a645a98f38dd18797cc80581446929f99c7 /netwerk
parenta0968fc6a86c8ab1abfa83d3c1986fadf3ec2766 (diff)
parent9f7f0f1172d67ab29e4f72eb1b34ab6f4bb231b1 (diff)
downloaduxp-4c2e77404f43040ce7a9f0d9052448b3f23a8c28.tar.gz
Merge pull request #126 from janekptacijarabaci/js_X-Content-Type-Options_nosniff_json_1
Align XCTO: nosniff allowed script MIME types with the spec
Diffstat (limited to 'netwerk')
-rw-r--r--netwerk/protocol/http/nsHttpChannel.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index ce0f45dabe..94b0d9bf93 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -1152,7 +1152,7 @@ ProcessXCTO(nsIURI* aURI, nsHttpResponseHead* aResponseHead, nsILoadInfo* aLoadI
}
if (aLoadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_SCRIPT) {
- if (nsContentUtils::IsScriptType(contentType)) {
+ if (nsContentUtils::IsJavascriptMIMEType(NS_ConvertUTF8toUTF16(contentType))) {
return NS_OK;
}
ReportTypeBlocking(aURI, aLoadInfo, "MimeTypeMismatch");