Bug 1533424 - Don't allow InspectorUtils to mess up with our UA sheets. r=heycam
☠☠ backed out by def4c8434246 ☠ ☠
authorEmilio Cobos Álvarez <emilio@crisal.io>
Fri, 08 Mar 2019 13:54:11 +0000
changeset 521039 b56791a96f96
parent 521038 f001c13667ac
child 521040 c8a4f2586fc0
push id10862
push userffxbld-merge
push dateMon, 11 Mar 2019 13:01:11 +0000
treeherdermozilla-beta@a2e7f5c935da [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersheycam
bugs1533424
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1533424 - Don't allow InspectorUtils to mess up with our UA sheets. r=heycam You can mess up stuff pretty badly if that happens, and we want to do this anyway for the shared UA sheet stuff, so... Differential Revision: https://phabricator.services.mozilla.com/D22554
layout/style/StyleSheet.cpp
--- a/layout/style/StyleSheet.cpp
+++ b/layout/style/StyleSheet.cpp
@@ -962,16 +962,23 @@ void StyleSheet::FinishParse() {
   SetSourceURL(sourceURL);
 }
 
 nsresult StyleSheet::ReparseSheet(const nsAString& aInput) {
   if (!IsComplete()) {
     return NS_ERROR_DOM_INVALID_ACCESS_ERR;
   }
 
+  // Allowing to modify UA sheets is dangerous (in the sense that C++ code
+  // relies on rules in those sheets), plus they're probably going to be shared
+  // across processes in which case this is directly a no-go.
+  if (GetOrigin() == OriginFlags::UserAgent) {
+    return NS_ERROR_DOM_NO_MODIFICATION_ALLOWED_ERR;
+  }
+
   // Hold strong ref to the CSSLoader in case the document update
   // kills the document
   RefPtr<css::Loader> loader;
   if (Document* doc = GetAssociatedDocument()) {
     loader = doc->CSSLoader();
     NS_ASSERTION(loader, "Document with no CSS loader!");
   } else {
     loader = new css::Loader;