Bug 1158131 - Add local resource whitelisting for string bundle channels. r=snorp, a=lizzard
authorEugen Sawin <esawin@mozilla.com>
Thu, 30 Apr 2015 18:07:49 +0200
changeset 267475 a28f70d2e0f53b7d113027065826b5d098bf38fe
parent 267474 b964c317dbff7a62d214ae51f960e8bef3e3aab1
child 267476 86f093c2d9950478b0911ef386aa567f7080d08d
push id830
push userraliiev@mozilla.com
push dateFri, 19 Jun 2015 19:24:37 +0000
treeherdermozilla-release@932614382a68 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssnorp, lizzard
bugs1158131
milestone39.0
Bug 1158131 - Add local resource whitelisting for string bundle channels. r=snorp, a=lizzard
intl/strres/nsStringBundle.cpp
--- a/intl/strres/nsStringBundle.cpp
+++ b/intl/strres/nsStringBundle.cpp
@@ -64,16 +64,25 @@ nsStringBundle::LoadProperties()
 
   nsresult rv;
 
   // do it synchronously
   nsCOMPtr<nsIURI> uri;
   rv = NS_NewURI(getter_AddRefs(uri), mPropertiesURL);
   if (NS_FAILED(rv)) return rv;
 
+  // whitelist check for local schemes
+  nsCString scheme;
+  uri->GetScheme(scheme);
+  if (!scheme.EqualsLiteral("chrome") && !scheme.EqualsLiteral("jar") &&
+      !scheme.EqualsLiteral("resource") && !scheme.EqualsLiteral("file") &&
+      !scheme.EqualsLiteral("data")) {
+    return NS_ERROR_ABORT;
+  }
+
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannel(getter_AddRefs(channel),
                      uri,
                      nsContentUtils::GetSystemPrincipal(),
                      nsILoadInfo::SEC_NORMAL,
                      nsIContentPolicy::TYPE_OTHER);
 
   if (NS_FAILED(rv)) return rv;