Merge backout.
authorMounir Lamouri <mounir.lamouri@gmail.com>
Thu, 30 Sep 2010 16:49:56 -0700
changeset 54822 b57b428e8e7100de54ae94ff723719665222936a
parent 54816 8dcc5e960d5ca7514f69dff56ab7faad2bfc1ff4 (current diff)
parent 54821 decd45d66d66d6b4b91b4186ca6e40b2a63efdea (diff)
child 54824 4ace6b349a3cae691204e3e740c807ef4d9faad8
push id16042
push usermlamouri@mozilla.com
push dateFri, 01 Oct 2010 00:12:59 +0000
treeherdermozilla-central@669eb2d837d7 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
milestone2.0b7pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Merge backout.
docshell/base/nsDocShell.cpp
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -5885,17 +5885,17 @@ nsDocShell::OnRedirectStateChange(nsICha
     nsCOMPtr<nsIURI> oldURI, newURI;
     aOldChannel->GetURI(getter_AddRefs(oldURI));
     aNewChannel->GetURI(getter_AddRefs(newURI));
     if (!oldURI || !newURI) {
         return NS_OK;
     }
 
     // HTTP channel with unsafe methods should not be redirected to a cross-domain.
-    if (!ChannelIsSafeHTTPMethod(aNewChannel)) {
+    if (!ChannelIsSafeMethod(aNewChannel)) {
         // This code is very similar to the code of nsSameOriginChecker in
         // nsContentUtils but we can't use nsSameOriginChecker because it
         // needs to use a channel callback (which we already use).
         // If nsSameOriginChecker happens to not use a channel callback
         // anymore, this code would be a good candidate for refactoring.
         nsCOMPtr<nsIPrincipal> oldPrincipal;
         nsresult rv;
 
@@ -8784,17 +8784,17 @@ nsDocShell::DoURILoad(nsIURI * aURI,
                                                    &isSystem)) &&
             !isSystem) {
             channel->SetOwner(aOwner);
         }
     }
 
     // If a specific HTTP channel has been set and it is not a safe method,
     // we should prevent cross-origin requests.
-    if (aHttpMethod && ownerPrincipal && !ChannelIsSafeHTTPMethod(channel)) {
+    if (aHttpMethod && ownerPrincipal && !ChannelIsSafeMethod(channel)) {
         if (NS_FAILED(ownerPrincipal->CheckMayLoad(aURI, PR_FALSE))) {
             return NS_OK;
         }
     }
 
     nsCOMPtr<nsIScriptChannel> scriptChannel = do_QueryInterface(channel);
     if (scriptChannel) {
         // Allow execution against our context if the principals match
@@ -10431,21 +10431,21 @@ nsDocShell::ChannelIsPost(nsIChannel* aC
 
     nsCAutoString method;
     httpChannel->GetRequestMethod(method);
     return method.Equals("POST");
 }
 
 /* static */
 bool
-nsDocShell::ChannelIsSafeHTTPMethod(nsIChannel* aChannel)
+nsDocShell::ChannelIsSafeMethod(nsIChannel* aChannel)
 {
     nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aChannel));
     if (!httpChannel) {
-        return true;
+        return false;
     }
 
     nsCAutoString method;
     httpChannel->GetRequestMethod(method);
     return method.Equals("GET") || method.Equals("POST") ||
            method.Equals("HEAD");
 }
 
--- a/docshell/base/nsDocShell.h
+++ b/docshell/base/nsDocShell.h
@@ -452,19 +452,19 @@ protected:
      static bool ChannelIsPost(nsIChannel* aChannel);
 
      /**
       * Helper function that determines if the HTTP channel has a safe method
       *
       * @param aChannel The channel to test
       *
       * @return Whether the channel has a safe HTTP method.
-      * @note Will return true if the channel isn't an HTTP channel.
+      * @note Will return false if the channel isn't an HTTP channel.
       */
-     static bool ChannelIsSafeHTTPMethod(nsIChannel* aChannel);
+     static bool ChannelIsSafeMethod(nsIChannel* aChannel);
 
     /**
      * Helper function that finds the last URI and its transition flags for a
      * channel.
      *
      * This method first checks the channel's property bag to see if previous
      * info has been saved.  If not, it gives back the referrer of the channel.
      *