Bug 408328 - Replace FeedWriter.js's CheckLoadURIStr with CheckLoadURIStrWithPrincipal, r=sayrer, sr=bz, a=sayrer
--- a/browser/components/feeds/Makefile.in
+++ b/browser/components/feeds/Makefile.in
@@ -38,9 +38,13 @@ DEPTH = ../../..
topsrcdir = @top_srcdir@
srcdir = @srcdir@
VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
DIRS = public src
+ifdef MOZ_MOCHITEST
+DIRS += test
+endif
+
include $(topsrcdir)/config/rules.mk
--- a/browser/components/feeds/src/FeedWriter.js
+++ b/browser/components/feeds/src/FeedWriter.js
@@ -125,18 +125,19 @@ FeedWriter.prototype = {
* The URI spec to set as the href
*/
_safeSetURIAttribute:
function FW__safeSetURIAttribute(element, attribute, uri) {
var secman = Cc["@mozilla.org/scriptsecuritymanager;1"].
getService(Ci.nsIScriptSecurityManager);
const flags = Ci.nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL;
try {
- secman.checkLoadURIStr(this._window.location.href, uri, flags);
- // checkLoadURIStr will throw if the link URI should not be loaded per
+ secman.checkLoadURIStrWithPrincipal(this._feedPrincipal, uri, flags);
+ // checkLoadURIStrWithPrincipal will throw if the link URI should not be
+ // loaded, either because our feedURI isn't allowed to load it or per
// the rules specified in |flags|, so we'll never "linkify" the link...
element.setAttribute(attribute, uri);
}
catch (e) {
// Not allowed to load this link because secman.checkLoadURIStr threw
}
},
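Review bot: The comment inside the catch block at the end of the hunk still names `secman.checkLoadURIStr`, the call this hunk replaces; it should read `// Not allowed to load this link because secman.checkLoadURIStrWithPrincipal threw`. The catch also swallows every exception, including the case where `this._feedPrincipal` is still null because init() returned early or its principal lookup failed; that presumably fails closed (the attribute is simply never set), which is the right default, but a LOG call in the catch would make such silent drops visible when debugging. The doc comment for `_safeSetURIAttribute` begins above the hunk.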
@@ -771,30 +772,35 @@ FeedWriter.prototype = {
return chan.originalURI;
return null;
},
_window: null,
_document: null,
_feedURI: null,
+ _feedPrincipal: null,
// nsIFeedWriter
init: function FW_init(aWindow) {
// Explicitly wrap |window| in an XPCNativeWrapper to make sure
// it's a real native object! This will throw an exception if we
// get a non-native object.
var window = new XPCNativeWrapper(aWindow);
this._feedURI = this._getOriginalURI(window);
if (!this._feedURI)
return;
this._window = window;
this._document = window.document;
+ var secman = Cc["@mozilla.org/scriptsecuritymanager;1"].
+ getService(Ci.nsIScriptSecurityManager);
+ this._feedPrincipal = secman.getCodebasePrincipal(this._feedURI);
+
LOG("Subscribe Preview: feed uri = " + this._window.location.href);
// Set up the subscription UI
this._initSubscriptionUI();
var prefs = Cc["@mozilla.org/preferences-service;1"].
getService(Ci.nsIPrefBranch2);
prefs.addObserver(PREF_SELECTED_ACTION, this, false);
prefs.addObserver(PREF_SELECTED_READER, this, false);
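Review bot: The new `this._feedPrincipal` assignment runs after `this._window` and `this._document` have already been stored, so if `getCodebasePrincipal` throws, the writer is left half-initialized with `_feedPrincipal` still null. Moving the two secman lines above `this._window = window;`, or having a failure return early the way the `!this._feedURI` check does, keeps the object in a consistent state. The same `Cc["@mozilla.org/scriptsecuritymanager;1"]` lookup is repeated in `_safeSetURIAttribute`; a single lazily-fetched getter would avoid the duplication. init() continues past the end of the hunk.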
new file mode 100644
--- /dev/null
+++ b/browser/components/feeds/test/Makefile.in
@@ -0,0 +1,51 @@
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is mozilla.org code.
+#
+# The Initial Developer of the Original Code is
+# Phil Ringnalda.
+# Portions created by the Initial Developer are Copyright (C) 2007
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either of the GNU General Public License Version 2 or later (the "GPL"),
+# or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+DEPTH = ../../../..
+topsrcdir = @top_srcdir@
+srcdir = @srcdir@
+VPATH = @srcdir@
+relativesrcdir = browser/components/feeds/test
+
+include $(DEPTH)/config/autoconf.mk
+include $(topsrcdir)/config/rules.mk
+
+_TEST_FILES = test_bug408328.html \
+ bug408328-data.xml \
+ $(NULL)
+
+libs:: $(_TEST_FILES)
+ $(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir)
new file mode 100644
--- /dev/null
+++ b/browser/components/feeds/test/bug408328-data.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="utf-8"?>
+<feed xmlns="http://www.w3.org/2005/Atom">
+
+ <title>Example Feed</title>
+ <link href="http://example.org/"/>
+ <updated>2003-12-13T18:30:02Z</updated>
+
+ <author>
+ <name>John Doe</name>
+ </author>
+ <id>urn:uuid:60a76c80-d399-11d9-b93C-0003939e0af6</id>
+
+ <entry>
+
+ <title>Good item</title>
+ <link href="http://example.org/first"/>
+ <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
+ <updated>2003-12-13T18:30:02Z</updated>
+
+ <summary>Some text.</summary>
+ </entry>
+
+ <entry>
+
+ <title>data: link</title>
+ <link href="data:text/plain,Hi"/>
+ <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6b</id>
+ <updated>2003-12-13T18:30:03Z</updated>
+
+ <summary>Some text.</summary>
+ </entry>
+
+ <entry>
+
+ <title>javascript: link</title>
+ <link href="javascript:alert('Hi')"/>
+ <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6c</id>
+ <updated>2003-12-13T18:30:04Z</updated>
+
+ <summary>Some text.</summary>
+ </entry>
+
+ <entry>
+
+ <title>file: link</title>
+ <link href="file:///var/"/>
+ <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6d</id>
+ <updated>2003-12-13T18:30:05Z</updated>
+
+ <summary>Some text.</summary>
+ </entry>
+
+ <entry>
+
+ <title>chrome: link</title>
+ <link href="chrome://browser/content/browser.js"/>
+ <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6e</id>
+ <updated>2003-12-13T18:30:06Z</updated>
+
+ <summary>Some text.</summary>
+ </entry>
+
+</feed>
new file mode 100644
--- /dev/null
+++ b/browser/components/feeds/test/test_bug408328.html
@@ -0,0 +1,39 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=408328
+-->
+<head>
+ <title>Test feed preview safe-linkification</title>
+ <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=408328">Mozilla Bug 408328</a>
+<p id="display"><iframe id="testFrame" src="bug408328-data.xml"></iframe></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 408328 **/
+SimpleTest.waitForExplicitFinish();
+
+addLoadEvent(function() {
+ netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
+ var links = $("testFrame").contentDocument.getElementById("feedContent").getElementsByTagName("a");
+ is(links.length, 5, "wrong number of linked items in feed preview");
+ for (var i = 0; i < links.length; i++) {
+ if (links[i].href)
+ is(links[i].href, "http://example.org/first", "bad linkified item");
+ }
+});
+addLoadEvent(SimpleTest.finish);
+
+</script>
+</pre>
+</body>
+</html>
+
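Review bot: The loop only asserts on anchors that have an href, so a regression that strips the href from every link (or never linkifies at all) still passes, because nothing checks that exactly one of the five entries was linkified. Add `var linked = 0;` before the loop, `linked++;` inside the `if`, and `is(linked, 1, "wrong number of linkified items");` after it. Whether the feed preview has finished building `#feedContent` by the time the outer document's load event fires is not visible here; if FeedWriter renders asynchronously, the test may need to wait on the iframe's own load event instead.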