wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1158131 - Add local resource whitelisting for string bundle channels. r=snorp

Browse Source 
---
 intl/strres/nsStringBundle.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)
This commit is contained in:
Eugen Sawin 2015-04-30 18:07:49 +02:00
parent b9872b41a7
commit ba1c467158
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
intl/strres/nsStringBundle.cpp
View File

@ -69,6 +69,15 @@ nsStringBundle::LoadProperties()
rv = NS_NewURI(getter_AddRefs(uri), mPropertiesURL);
if (NS_FAILED(rv)) return rv;
// whitelist check for local schemes
nsCString scheme;
uri->GetScheme(scheme);
if (!scheme.EqualsLiteral("chrome") && !scheme.EqualsLiteral("jar") &&
!scheme.EqualsLiteral("resource") && !scheme.EqualsLiteral("file") &&
!scheme.EqualsLiteral("data")) {
return NS_ERROR_ABORT;
}
nsCOMPtr<nsIChannel> channel;
rv = NS_NewChannel(getter_AddRefs(channel),
uri,