Bug 1378377 Part 2: Run file://URI whitelisted domains in a file content process. r=Gijs
authorBob Owen <bobowencode@gmail.com>
Wed, 19 Jul 2017 09:37:25 +0100
changeset 418411 137cb6b5df6772b2b34ba91b40ed8e58a1d7d74c
parent 418410 b4f4996c541ea5e260e4ca13617b201e90b08096
child 418412 078a6b523cc1b53c8e55a286dc405e28e609a892
push id7566
push usermtabara@mozilla.com
push dateWed, 02 Aug 2017 08:25:16 +0000
treeherdermozilla-beta@86913f512c3c [default view] [failures only]
reviewersGijs
bugs1378377
milestone56.0a1
Bug 1378377 Part 2: Run file://URI whitelisted domains in a file content process. r=Gijs
browser/modules/E10SUtils.jsm
--- a/browser/modules/E10SUtils.jsm
+++ b/browser/modules/E10SUtils.jsm
@@ -42,30 +42,36 @@ const WEB_REMOTE_TYPE = "web";
 const FILE_REMOTE_TYPE = "file";
 const EXTENSION_REMOTE_TYPE = "extension";
 
 // This must start with the WEB_REMOTE_TYPE above.
 const LARGE_ALLOCATION_REMOTE_TYPE = "webLargeAllocation";
 const DEFAULT_REMOTE_TYPE = WEB_REMOTE_TYPE;
 
 function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri) {
+  // If the domain is whitelisted to allow it to use file:// URIs, then we have
+  // to run it in a file content process, in case it uses file:// sub-resources.
+  const sm = Services.scriptSecurityManager;
+  if (sm.inFileURIWhitelist(aTargetUri)) {
+    return FILE_REMOTE_TYPE;
+  }
+
   if (!aPreferredRemoteType) {
     return WEB_REMOTE_TYPE;
   }
 
   if (aPreferredRemoteType.startsWith(WEB_REMOTE_TYPE)) {
     return aPreferredRemoteType;
   }
 
   if (allowLinkedWebInFileUriProcess &&
       aPreferredRemoteType == FILE_REMOTE_TYPE) {
     // If aCurrentUri is passed then we should only allow FILE_REMOTE_TYPE
     // when it is same origin as target.
     if (aCurrentUri) {
-      const sm = Services.scriptSecurityManager;
       try {
         // checkSameOriginURI throws when not same origin.
         sm.checkSameOriginURI(aCurrentUri, aTargetUri, false);
         return FILE_REMOTE_TYPE;
       } catch (e) {
         return WEB_REMOTE_TYPE;
       }
     }
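Review bot: The early return at `if (sm.inFileURIWhitelist(aTargetUri))` runs before every other check, so a whitelisted domain is placed in the file content process regardless of `aPreferredRemoteType` and of the `allowLinkedWebInFileUriProcess` setting, and the added comment does not record that trade-off. The file content process presumably has wider file read access than a web content process, so remote content from such a domain, and anything it loads into the same process, runs with that access. I would extend the comment along the lines of `// This deliberately overrides aPreferredRemoteType: whitelisted origins must be trusted, as their content runs with the file content process's file access.` It is also worth confirming that no caller passes a null `aTargetUri`, because `sm` is now used unconditionally where it was previously touched only inside the `aCurrentUri` branch. The body of validatedWebRemoteType continues past the end of this hunk.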