[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torbutton/master] Bug #2359: Fix XHTML DTD errors on FF4



commit 156e3a62ffaebc55d8b8b10b54b9567ad9d1b608
Author: Mike Perry <mikeperry-git@xxxxxxxxxx>
Date:   Wed Feb 23 23:38:25 2011 -0800

    Bug #2359: Fix XHTML DTD errors on FF4
    
    Allow content sourcing of resource urls with a host of 'gre'.
---
 src/components/cssblocker.js |   18 ++++++++++++++++--
 1 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/components/cssblocker.js b/src/components/cssblocker.js
index 51f7b98..ad2b1ac 100644
--- a/src/components/cssblocker.js
+++ b/src/components/cssblocker.js
@@ -259,6 +259,19 @@ ContentPolicy.prototype = {
                         }
                     }
 
+                    // Fix bug #2359: Firefox now loads dtd's from
+                    // resource urls with a valid host. We must
+                    // check for this and allow it.
+                    if (contentLocation.scheme == "resource") {
+                      try {
+                        targetHost = contentLocation.host;
+                      } catch(e) {
+                        this.logger.safe_log(3, "No resource host from: ",
+                                requestOrigin.spec + " for: " +
+                                contentLocation.spec);
+                      }
+                    }
+
                     if (("about:blank" == contentLocation.spec)) {
                         // ok, but don't return
                     } else if (("chrome" == targetScheme) && (targetHost in browserSources)) {
@@ -266,8 +279,9 @@ ContentPolicy.prototype = {
                                           requestOrigin.spec + " for: " +
                                           contentLocation.spec);
                         return ok;
-                    } else if ("file" == targetScheme) {
-                        // This fix is for bug 1014. XHTML documents need to source
+                    } else if ("file" == targetScheme ||
+                          ("resource" == targetScheme && targetHost == "gre")) {
+                        // This fix is for bugs 1014+2359. XHTML documents need to source
                         // a special dtd as a file url. The same origin policy should
                         // prevent other access to file urls, so this should be ok
                         // to just allow.

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits