1182544 - Use channel->ascynOpen2 in dom/xml/XMLDocument.cpp

Status: RESOLVED FIXED

(Core :: DOM: Security, defect)

Comment 1

[Christoph Kerschbaumer [:ckerschb}]

Attachment: bug_1182544_asyncopen2_xmldocument.patch

Comment 2

[Jonas Sicking (:sicking) No longer reading bugmail consistently]

Comment on attachment 8643851 [details] [diff] [review]
bug_1182544_asyncopen2_xmldocument.patch

Review of attachment 8643851 [details] [diff] [review]:
-----------------------------------------------------------------

r=me with that fixed.

::: dom/security/nsContentSecurityManager.cpp
@@ +147,5 @@
> +                 "type_xml requires requestingContext of type Document");
> +
> +      if (internalContentPolicyType ==
> +            nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST) {
> +        mimeTypeGuess = NS_LITERAL_CSTRING("application/xml");

I think we'll need another internal type for document.load calls. XHR isn't going to want to use "application/xml" as mimeguess.

::: dom/xml/XMLDocument.cpp
@@ +409,5 @@
>    rv = NS_NewChannel(getter_AddRefs(channel),
>                       uri,
>                       callingDoc ? callingDoc.get() :
>                                    static_cast<nsIDocument*>(this),
> +                     nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS,

This should be DATA_IS_BLOCKED. Look at the arguments to the CheckMayLoad call that you removed.

Comment 3

[Christoph Kerschbaumer [:ckerschb}]

url:        https://hg.mozilla.org/integration/mozilla-inbound/rev/f73f15ea2b8ea5e1654078b2bae16172af2c1f0f
changeset:  f73f15ea2b8ea5e1654078b2bae16172af2c1f0f
user:       Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
date:       Mon Aug 10 10:19:08 2015 -0700
description:
Bug 1182544 - Use channel->ascynOpen2 in dom/xml/XMLDocument.cpp (r=sicking)

Comment 4

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/mozilla-central/rev/f73f15ea2b8e