[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor-browser/tor-browser-31.4.0esr-4.5-1] fixup! Bug 12430: Disable external jar: via preference
commit cc60be8eee7b39138adb44c09d0905f8fb7fb0c9
Author: Mike Perry <mikeperry-git@xxxxxxxxxxxxxx>
Date: Wed Feb 11 14:52:15 2015 -0800
fixup! Bug 12430: Disable external jar: via preference
Actually, we should block remote JARs before the load.
---
modules/libjar/nsJARChannel.cpp | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/modules/libjar/nsJARChannel.cpp b/modules/libjar/nsJARChannel.cpp
index f958554..6fcdac8 100644
--- a/modules/libjar/nsJARChannel.cpp
+++ b/modules/libjar/nsJARChannel.cpp
@@ -764,6 +764,12 @@ nsJARChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
if (NS_FAILED(rv))
return rv;
+ // Check preferences to see if all remote jar support should be disabled
+ if (!mJarFile && Preferences::GetBool("network.jar.block-remote-files", true)) {
+ mIsUnsafe = true;
+ return NS_ERROR_UNSAFE_CONTENT_TYPE;
+ }
+
// These variables must only be set if we're going to trigger an
// OnStartRequest, either from AsyncRead or OnDownloadComplete.
//
@@ -898,7 +904,8 @@ nsJARChannel::OnDownloadComplete(nsIDownloader *downloader,
mContentDisposition = NS_GetContentDispositionFromHeader(mContentDispositionHeader, this);
}
- // here we check preferences to see if all remote jar support should be disabled
+ // This is a defense-in-depth check for the preferences to see if all remote jar
+ // support should be disabled. This check may not be needed.
if (Preferences::GetBool("network.jar.block-remote-files", true)) {
mIsUnsafe = true;
status = NS_ERROR_UNSAFE_CONTENT_TYPE;
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits