Bug 691947 - Relax DOM full-screen API security constraints for requests coming from chrome. r=roc

2024-09-13 09:24:08 -07:00 · 2011-11-03 19:37:38 +13:00 · 2011-11-03 19:37:38 +13:00 · 29e76a123f
commit 29e76a123f
parent 702c5e844c
2 changed files with 11 additions and 1 deletions
--- a/content/base/src/nsContentUtils.cpp
+++ b/content/base/src/nsContentUtils.cpp
@ -5813,7 +5813,9 @@ nsContentUtils::IsFullScreenApiEnabled()

 bool nsContentUtils::IsRequestFullScreenAllowed()
 {
-  return !sTrustedFullScreenOnly || nsEventStateManager::IsHandlingUserInput();
+  return !sTrustedFullScreenOnly ||
+         nsEventStateManager::IsHandlingUserInput() ||
+         IsCallerChrome();
 }

 bool
--- a/content/base/src/nsDocument.cpp
+++ b/content/base/src/nsDocument.cpp
@ -8607,6 +8607,14 @@ nsDocument::GetMozFullScreenEnabled(bool *aFullScreen)
  NS_ENSURE_ARG_POINTER(aFullScreen);
  *aFullScreen = false;

+  if (nsContentUtils::IsCallerChrome() &&
+      nsContentUtils::IsFullScreenApiEnabled()) {
+    // Chrome code can always use the full-screen API, provided it's not
+    // explicitly disabled.
+    *aFullScreen = true;
+    return NS_OK;
+  }
+
  if (!nsContentUtils::IsFullScreenApiEnabled() ||
      nsContentUtils::HasPluginWithUncontrolledEventDispatch(this) ||
      !IsVisible()) {