Bug 1158131 - Add local resource whitelisting for string bundle channels. r=snorp
authorEugen Sawin <esawin@mozilla.com>
Thu, 30 Apr 2015 18:07:49 +0200
changeset 242254 3b3b8835cb2ec3575921be638dac64b6d03c377e
parent 242253 57fc3025cf9968a571cc16af9996acc9b468cabb
child 242255 ef4588e3937d36234a641ed42384238c784df23f
push id28686
push userryanvm@gmail.com
push dateMon, 04 May 2015 20:06:04 +0000
treeherdermozilla-central@102d0e9aa9e1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssnorp
bugs1158131
milestone40.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1158131 - Add local resource whitelisting for string bundle channels. r=snorp --- intl/strres/nsStringBundle.cpp | 9 +++++++++ 1 file changed, 9 insertions(+)
intl/strres/nsStringBundle.cpp
--- a/intl/strres/nsStringBundle.cpp
+++ b/intl/strres/nsStringBundle.cpp
@@ -64,16 +64,25 @@ nsStringBundle::LoadProperties()
 
   nsresult rv;
 
   // do it synchronously
   nsCOMPtr<nsIURI> uri;
   rv = NS_NewURI(getter_AddRefs(uri), mPropertiesURL);
   if (NS_FAILED(rv)) return rv;
 
+  // whitelist check for local schemes
+  nsCString scheme;
+  uri->GetScheme(scheme);
+  if (!scheme.EqualsLiteral("chrome") && !scheme.EqualsLiteral("jar") &&
+      !scheme.EqualsLiteral("resource") && !scheme.EqualsLiteral("file") &&
+      !scheme.EqualsLiteral("data")) {
+    return NS_ERROR_ABORT;
+  }
+
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannel(getter_AddRefs(channel),
                      uri,
                      nsContentUtils::GetSystemPrincipal(),
                      nsILoadInfo::SEC_NORMAL,
                      nsIContentPolicy::TYPE_OTHER);
 
   if (NS_FAILED(rv)) return rv;