Bug 657997 - loadFrameScript should never use http and should use a script runner when needed, r=bz+mfinkle
authorOlli Pettay <Olli.Pettay@helsinki.fi>
Thu, 19 May 2011 17:48:17 +0300
changeset 69720 d691bdf1ff43d668071043aa6d8c7370607242c7
parent 69719 4c2d31acc0203e40444603b1ea93e5885a2127ca
child 69721 6f5cb026f6d8103ea23fcf1d12332dbe9e440677
push idunknown
push userunknown
push dateunknown
reviewersbz
bugs657997
milestone6.0a1
Bug 657997 - loadFrameScript should never use http and should use a script runner when needed, r=bz+mfinkle
content/base/src/nsFrameMessageManager.cpp
content/base/src/nsInProcessTabChildGlobal.cpp
--- a/content/base/src/nsFrameMessageManager.cpp
+++ b/content/base/src/nsFrameMessageManager.cpp
@@ -46,16 +46,17 @@
 #include "jsinterp.h"
 #include "nsJSUtils.h"
 #include "nsNetUtil.h"
 #include "nsScriptLoader.h"
 #include "nsIJSContextStack.h"
 #include "nsIXULRuntime.h"
 #include "nsIScriptError.h"
 #include "nsIConsoleService.h"
+#include "nsIProtocolHandler.h"
 
 static PRBool
 IsChromeProcess()
 {
   nsCOMPtr<nsIXULRuntime> rt = do_GetService("@mozilla.org/xre/runtime;1");
   if (!rt)
     return PR_TRUE;
 
@@ -674,16 +675,26 @@ nsFrameScriptExecutor::LoadFrameScriptIn
   }
 
   nsCString url = NS_ConvertUTF16toUTF8(aURL);
   nsCOMPtr<nsIURI> uri;
   nsresult rv = NS_NewURI(getter_AddRefs(uri), url);
   if (NS_FAILED(rv)) {
     return;
   }
+  
+  PRBool hasFlags;
+  rv = NS_URIChainHasFlags(uri,
+                           nsIProtocolHandler::URI_IS_LOCAL_RESOURCE,
+                           &hasFlags);
+  if (NS_FAILED(rv) || !hasFlags) {
+    NS_WARNING("Will not load a frame script!");
+    return;
+  }
+  
   nsCOMPtr<nsIChannel> channel;
   NS_NewChannel(getter_AddRefs(channel), uri);
   if (!channel) {
     return;
   }
 
   nsCOMPtr<nsIInputStream> input;
   channel->Open(getter_AddRefs(input));
--- a/content/base/src/nsInProcessTabChildGlobal.cpp
+++ b/content/base/src/nsInProcessTabChildGlobal.cpp
@@ -324,19 +324,38 @@ nsInProcessTabChildGlobal::InitTabChildG
   rv = mGlobal->GetJSObject(&global);
   NS_ENSURE_SUCCESS(rv, false);
 
   JS_SetGlobalObject(cx, global);
   DidCreateCx();
   return NS_OK;
 }
 
+class nsAsyncScriptLoad : public nsRunnable
+{
+public:
+  nsAsyncScriptLoad(nsInProcessTabChildGlobal* aTabChild, const nsAString& aURL)
+  : mTabChild(aTabChild), mURL(aURL) {}
+
+  NS_IMETHOD Run()
+  {
+    mTabChild->LoadFrameScript(mURL);
+    return NS_OK;
+  }
+  nsRefPtr<nsInProcessTabChildGlobal> mTabChild;
+  nsString mURL;
+};
+
 void
 nsInProcessTabChildGlobal::LoadFrameScript(const nsAString& aURL)
 {
+  if (!nsContentUtils::IsSafeToRunScript()) {
+    nsContentUtils::AddScriptRunner(new nsAsyncScriptLoad(this, aURL));
+    return;
+  }
   if (!mInitialized) {
     mInitialized = PR_TRUE;
     Init();
   }
   PRBool tmp = mLoadingScript;
   mLoadingScript = PR_TRUE;
   LoadFrameScriptInternal(aURL);
   mLoadingScript = tmp;