Mercurial > releases > mozilla-release / changeset / cadb12b21740b04b662752d6c0b703713d387129
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 677643 part 1. Clone the URI argument in OnLinkClickSync to work around content policies mutating the URI which is shared with some random caller. r=smaug
authorBoris Zbarsky <bzbarsky@mit.edu>
Mon, 26 Sep 2011 18:03:14 -0400
changeset 78936 cadb12b21740b04b662752d6c0b703713d387129
parent 78935 95a1d14917c4638f3c3d634b9d94000f3848571b
child 78937 952017f5f62bbdcbece40f547208ecd8bb908a1b
push id78
push userclegnitto@mozilla.com
push dateFri, 16 Dec 2011 17:32:24 +0000
treeherdermozilla-release@79d24e644fdd [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssmaug
bugs677643
milestone9.0a1
first release with
nightly linux32
7f4867717226 / 10.0a1 / 20110928030855 / files
nightly linux64
7f4867717226 / 10.0a1 / 20110928030855 / files
nightly mac
7f4867717226 / 10.0a1 / 20110928030855 / files
nightly win32
7f4867717226 / 10.0a1 / 20110928030855 / files
nightly win64
7f4867717226 / 10.0a1 / 20110928030855 / files
last release without
nightly linux32
c722928d8b69 / 9.0a1 / 20110926030901 / files
nightly linux64
c722928d8b69 / 9.0a1 / 20110926030901 / files
nightly mac
c722928d8b69 / 9.0a1 / 20110926030901 / files
nightly win32
c722928d8b69 / 9.0a1 / 20110926030901 / files
nightly win64
c722928d8b69 / 9.0a1 / 20110926030901 / files
Bug 677643 part 1. Clone the URI argument in OnLinkClickSync to work around content policies mutating the URI which is shared with some random caller. r=smaug
docshell/base/nsDocShell.cpp file | annotate | diff | comparison | revisions 
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -11562,18 +11562,27 @@ nsDocShell::OnLinkClickSync(nsIContent *
   nsCOMPtr<nsIDOMHTMLAnchorElement> anchor(do_QueryInterface(aContent));
   if (anchor) {
     anchor->GetType(typeHint);
     NS_ConvertUTF16toUTF8 utf8Hint(typeHint);
     nsCAutoString type, dummy;
     NS_ParseContentType(utf8Hint, type, dummy);
     CopyUTF8toUTF16(type, typeHint);
   }
+
+  // Clone the URI now, in case a content policy or something messes
+  // with it under InternalLoad; we do _not_ want to change the URI
+  // our caller passed in.
+  nsCOMPtr<nsIURI> clonedURI;
+  aURI->Clone(getter_AddRefs(clonedURI));
+  if (!clonedURI) {
+    return NS_ERROR_OUT_OF_MEMORY;
+  }
   
-  nsresult rv = InternalLoad(aURI,                      // New URI
+  nsresult rv = InternalLoad(clonedURI,                 // New URI
                              referer,                   // Referer URI
                              aContent->NodePrincipal(), // Owner is our node's
                                                         // principal
                              INTERNAL_LOAD_FLAGS_NONE,
                              target.get(),              // Window target
                              NS_LossyConvertUTF16toASCII(typeHint).get(),
                              aPostDataStream,           // Post data stream
                              aHeadersDataStream,        // Headers stream
mozilla-release
Deployed from b45e317b5917 at 2019-11-28T21:00:07Z.