[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor-browser/tor-browser-52.6.0esr-8.0-2] fixup! Bug 25147: Sanitize HTML fragments created for chrome-privileged documents



commit b6bc1f1a802dc93620219faeb2f65e2afc78b83c
Author: Georg Koppen <gk@xxxxxxxxxxxxxx>
Date:   Thu Mar 8 09:19:30 2018 +0000

    fixup! Bug 25147: Sanitize HTML fragments created for chrome-privileged documents
---
 devtools/client/responsive.html/components/browser.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/devtools/client/responsive.html/components/browser.js b/devtools/client/responsive.html/components/browser.js
index f2902905b522..91f709f0cb8a 100644
--- a/devtools/client/responsive.html/components/browser.js
+++ b/devtools/client/responsive.html/components/browser.js
@@ -16,6 +16,13 @@ const Types = require("../types");
 const e10s = require("../utils/e10s");
 const message = require("../utils/message");
 
+// Allow creation of HTML fragments without automatic sanitization, even
+// though we're in a chrome-privileged document.
+// This is, unfortunately, necessary in order to React to function
+// correctly.
+
+document.allowUnsafeHTML = true;
+
 module.exports = createClass({
 
   /**

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits