[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 25458: UI customization half-broken in Tor Browser 8.0a3

To: tor-commits@xxxxxxxxxxxxxxxxxxxx, tbb-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 25458: UI customization half-broken in Tor Browser 8.0a3
From: gk@xxxxxxxxxxxxxx
Date: Wed, 20 Jun 2018 11:56:26 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 20 Jun 2018 08:12:05 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Richard Pospesel <richard@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit dfc72b77f566b3dd98f08db0e4a8e7bedcf050a1
Author: Richard Pospesel <richard@xxxxxxxxxxxxxx>
Date:   Fri Apr 20 16:03:41 2018 -0700

    Bug 25458: UI customization half-broken in Tor Browser 8.0a3
    
    Fixed fallout from #25147.  Some of the functionality of the UI
    Customize screen is dependent on setting innerHTML on divs.  Since the
    code runs in the System context, the HTML was being sanitized and broke
    page functionality.  The offending statements have been switched to the
    unsafeSetInnerHTML() method which bypasses sanitization in System
    context.
---
 browser/components/customizableui/CustomizeMode.jsm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/browser/components/customizableui/CustomizeMode.jsm b/browser/components/customizableui/CustomizeMode.jsm
index 49868cdbd4a0..4c32fd867c09 100644
--- a/browser/components/customizableui/CustomizeMode.jsm
+++ b/browser/components/customizableui/CustomizeMode.jsm
@@ -690,13 +690,13 @@ CustomizeMode.prototype = {
       // Put the tip contents in the popup.
       let bundle = this.document.getElementById("bundle_browser");
       const kLabelClass = "customization-tipPanel-link";
-      messageNode.innerHTML = bundle.getFormattedString("customizeTips.tip0", [
+      messageNode.unsafeSetInnerHTML(bundle.getFormattedString("customizeTips.tip0", [
         "<label class=\"customization-tipPanel-em\" value=\"" +
           bundle.getString("customizeTips.tip0.hint") + "\"/>",
         this.document.getElementById("bundle_brand").getString("brandShortName"),
         "<label class=\"" + kLabelClass + " text-link\" value=\"" +
         bundle.getString("customizeTips.tip0.learnMore") + "\"/>"
-      ]);
+      ]));
 
       messageNode.querySelector("." + kLabelClass).addEventListener("click", () => {
         let url = Services.urlFormatter.formatURLPref("browser.customizemode.tip0.learnMoreUrl");

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor-browser-build/maint-7.5] Revert "Bug 26428: add temporary fix to avoid https-e submodule error"
Next by Author: [tor-commits] [tor-browser-build/master] Merge remote-tracking branch 'sukhe/bug-26153'
Previous by thread: [tor-commits] [tor/release-0.3.4] Require live consensus to compute responsible HSDirs.
Next by thread: [tor-commits] [tor/master] Update copyrights to 2018.
Index(es):
- Author
- Thread