Bug 1412639 - remove 'type=application/x-message-display' before same origin check in image processing. r=aceman
authorJorg K <jorgk@jorgk.com>
Wed, 01 Nov 2017 07:15:19 +0100
changeset 29297 28b76ee8a4ee41254df393d308a94f7bd2e7c022
parent 29296 b445a09c601f89787ec789b55021f0bb222aceb1
child 29298 0cac090f60803e4d922817906ce77386feab6c08
push id2068
push userclokep@gmail.com
push dateMon, 13 Nov 2017 19:02:14 +0000
treeherdercomm-beta@9c7e7ce8672b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersaceman
bugs1412639
Bug 1412639 - remove 'type=application/x-message-display' before same origin check in image processing. r=aceman
mail/components/compose/content/MsgComposeCommands.js
--- a/mail/components/compose/content/MsgComposeCommands.js
+++ b/mail/components/compose/content/MsgComposeCommands.js
@@ -5470,16 +5470,42 @@ var gAttachmentNotifier =
       }
     }
   },
 
   timer: Components.classes["@mozilla.org/timer;1"]
                    .createInstance(Components.interfaces.nsITimer)
 };
 
+/**
+ * Helper function to remove a query part from a URL, so for example:
+ * ...?remove=xx&other=yy becomes ...?other=yy.
+ *
+ * @param aURL    the URL from which to remove the query part
+ * @param aQuery  the query part to remove
+ * @return        the URL with the query part removed
+ */
+function removeQueryPart(aURL, aQuery)
+{
+  // Quick pre-check.
+  if (aURL.indexOf(aQuery) < 0)
+    return aURL;
+
+  let indexQM = aURL.indexOf("?");
+  if (indexQM < 0)
+    return aURL;
+
+  let queryParts = aURL.substr(indexQM + 1).split("&");
+  let indexPart = queryParts.indexOf(aQuery);
+  if (indexPart < 0)
+    return aURL;
+  queryParts.splice(indexPart, 1);
+  return aURL.substr(0, indexQM + 1) + queryParts.join("&");
+}
+
 function InitEditor()
 {
   var editor = GetCurrentEditor();
 
   // Set eEditorMailMask flag to avoid using content prefs for spell checker,
   // otherwise dictionary setting in preferences is ignored and dictionary is
   // inconsistent in subject and message body.
   let eEditorMailMask = Components.interfaces.nsIPlaintextEditor.eEditorMailMask;
@@ -5551,17 +5577,18 @@ function InitEditor()
       return;
     }
     if (gOriginalMsgURI) {
       let msgSvc = Components.classes["@mozilla.org/messenger;1"]
         .createInstance(Components.interfaces.nsIMessenger)
         .messageServiceFromURI(gOriginalMsgURI);
       let originalMsgNeckoURI = {};
       msgSvc.GetUrlForUri(gOriginalMsgURI, originalMsgNeckoURI, null);
-      if (src.startsWith(originalMsgNeckoURI.value.spec)) {
+      if (src.startsWith(removeQueryPart(originalMsgNeckoURI.value.spec,
+                                         "type=application/x-message-display"))) {
         // Reply/Forward/Edit Draft/Edit as New can contain references to
         // images in the original message. Load those and make them data: URLs
         // now.
         event.target.classList.add("loading-internal");
         try {
           loadBlockedImage(src);
         } catch (e) {
           // Couldn't load the referenced image.
@@ -5584,17 +5611,19 @@ function InitEditor()
   let background = editor.document.body.background;
   if (background && gOriginalMsgURI) {
     // Check that background has the same URL as the message itself.
     let msgSvc = Components.classes["@mozilla.org/messenger;1"]
       .createInstance(Components.interfaces.nsIMessenger)
       .messageServiceFromURI(gOriginalMsgURI);
     let originalMsgNeckoURI = {};
     msgSvc.GetUrlForUri(gOriginalMsgURI, originalMsgNeckoURI, null);
-    if (background.startsWith(originalMsgNeckoURI.value.spec)) {
+    if (background.startsWith(
+        removeQueryPart(originalMsgNeckoURI.value.spec,
+                        "type=application/x-message-display"))) {
       try {
         editor.document.body.background = loadBlockedImage(background, true);
       } catch (e) {
         // Couldn't load the referenced image.
         Components.utils.reportError(e);
       }
     }
   }