From 969767cb137cda4cd70cd59a823174bd8f43af06 Mon Sep 17 00:00:00 2001 From: Christoph Kerschbaumer Date: Tue, 1 Mar 2016 16:11:37 -0800 Subject: [PATCH] Bug 1232903 - Skip Security checks if triggeringPrincipal is SystemPrincipal (r=sicking) --- dom/security/nsContentSecurityManager.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp index 20720623857..6cf82cc7387 100644 --- a/dom/security/nsContentSecurityManager.cpp +++ b/dom/security/nsContentSecurityManager.cpp @@ -476,6 +476,13 @@ nsContentSecurityManager::CheckChannel(nsIChannel* aChannel) return NS_OK; } + // Allow the load if TriggeringPrincipal is the SystemPrincipal which + // is e.g. necessary to allow user user stylesheets to load XBL from + // external files. + if (nsContentUtils::IsSystemPrincipal(loadInfo->TriggeringPrincipal())) { + return NS_OK; + } + // if none of the REQUIRE_SAME_ORIGIN flags are set, then SOP does not apply if ((securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS) || (securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED)) {