Bug 1145470 - remove hiddenWindow specialcasing from CheckLoadURI code, r=bholley
authorGijs Kruitbosch <gijskruitbosch@gmail.com>
Thu, 30 Mar 2017 11:16:17 +0100
changeset 350643 f62917e980364f5833744fe17b506a19563b6636
parent 350642 99726da227dd50ef4c79c5767fb9e0fb64136934
child 350644 35277e478e45de60f1d854ccc1a5fe461601d87e
push id88685
push usercbook@mozilla.com
push dateFri, 31 Mar 2017 12:48:11 +0000
treeherdermozilla-inbound@aece477a513e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs1145470
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1145470 - remove hiddenWindow specialcasing from CheckLoadURI code, r=bholley All the consumers relying on this have disappeared, so we can (finally!) get rid of this ugly bit of special-casing. MozReview-Commit-ID: HSeeG21O0p4
caps/nsScriptSecurityManager.cpp
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -893,24 +893,16 @@ nsScriptSecurityManager::CheckLoadURIFla
                 bool accessAllowed = false;
                 reg->AllowContentToAccess(aTargetBaseURI, &accessAllowed);
                 if (accessAllowed) {
                     return NS_OK;
                 }
             }
         }
 
-        // Special-case the hidden window: it's allowed to load
-        // URI_IS_UI_RESOURCE no matter what.  Bug 1145470 tracks removing this.
-        nsAutoCString sourceSpec;
-        if (NS_SUCCEEDED(aSourceBaseURI->GetSpec(sourceSpec)) &&
-            sourceSpec.EqualsLiteral("resource://gre-resources/hiddenWindow.html")) {
-            return NS_OK;
-        }
-
         if (reportErrors) {
             ReportError(nullptr, errorTag, aSourceURI, aTargetURI);
         }
         return NS_ERROR_DOM_BAD_URI;
     }
 
     // Check for target URI pointing to a file
     rv = NS_URIChainHasFlags(aTargetURI,