wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1147946, part 3 - Eliminate unused case for non-JS scripting languages in XULContentSinkImpl::OpenScript(). r=baku

Browse Source 
langID is either be UNKNOWN or JAVASCRIPT so we never run the code here.
This commit is contained in:
Andrew McCreight 2015-04-02 12:13:15 -07:00
parent 276293ebe2
commit 62e6411cd6
1 changed files with 0 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
dom/xul/nsXULContentSink.cpp
View File

@ -913,21 +913,7 @@ XULContentSinkImpl::OpenScript(const char16_t** aAttributes,
aAttributes += 2;
}
// Not all script languages have a "sandbox" concept. At time of
// writing, Python is the only other language, and it does not.
// For such languages, neither any inline script nor remote script are
// safe to execute from untrusted sources.
// So for such languages, we only allow script when the document
// itself is from chrome. We then don't bother to check the
// "src=" tag - we trust chrome to do the right thing.
// (See also similar code in nsScriptLoader.cpp)
nsCOMPtr<nsIDocument> doc(do_QueryReferent(mDocument));
if (langID != nsIProgrammingLanguage::UNKNOWN &&
langID != nsIProgrammingLanguage::JAVASCRIPT &&
doc && !nsContentUtils::IsChromeDoc(doc)) {
langID = nsIProgrammingLanguage::UNKNOWN;
NS_WARNING("Non JS language called from non chrome - ignored");
}
// Don't process scripts that aren't known
if (langID != nsIProgrammingLanguage::UNKNOWN) {