bug 912582 - false start rc4 and rsa accomodations need exact principal matches r=dkeeler

2024-09-13 09:24:08 -07:00 · 2013-09-04 17:01:02 -04:00 · 2013-09-04 17:01:02 -04:00 · 3ba6fb1c1b
commit 3ba6fb1c1b
parent d08f66a5b1
1 changed files with 6 additions and 3 deletions
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -724,14 +724,17 @@ nsHttpChannel::RetrieveSSLOptions()
        return;

    uint32_t perm;
-    nsresult rv = permMgr->TestPermissionFromPrincipal(principal,
-                                                       "falsestart-rsa", &perm);
+    nsresult rv = permMgr->TestExactPermissionFromPrincipal(principal,
+                                                            "falsestart-rsa",
+                                                            &perm);
    if (NS_SUCCEEDED(rv) && perm == nsIPermissionManager::ALLOW_ACTION) {
        LOG(("nsHttpChannel::RetrieveSSLOptions [this=%p] "
             "falsestart-rsa permission found\n", this));
        mCaps |= NS_HTTP_ALLOW_RSA_FALSESTART;
    }
-    rv = permMgr->TestPermissionFromPrincipal(principal, "falsestart-rc4", &perm);
+    rv = permMgr->TestExactPermissionFromPrincipal(principal,
+                                                   "falsestart-rc4",
+                                                   &perm);
    if (NS_SUCCEEDED(rv) && perm == nsIPermissionManager::ALLOW_ACTION) {
        LOG(("nsHttpChannel::RetrieveSSLOptions [this=%p] "
             "falsestart-rc4 permission found\n", this));