Closed Bug 1194524 Opened 10 years ago Closed 10 years ago

Use channel->ascynOpen2 in dom/media/MediaResource.cpp

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla43
Tracking Flags:
Tracking Status
firefox43 --- fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

References

Details

Attachments

(1 file)

bug_1194524_asyncopen2_mediaresource.patch
6.83 KB, patch
sicking
: review+
Details | Diff | Splinter Review
No description provided.
Assignee: nobody → mozilla
Blocks: 1182535
Jonas, I suppose we potentially need to set 'SEC_REQUIRE_CORS_DATA_INHERITS' in both cases, not just in one, right? And the other question I have, aren't we missing a contentPolicy check somewhere?
Attachment #8660246 - Flags: review?(jonas)
Comment on attachment 8660246 [details] [diff] [review] bug_1194524_asyncopen2_mediaresource.patch Review of attachment 8660246 [details] [diff] [review]: ----------------------------------------------------------------- Yes, setting it in both places looks correct. ::: dom/media/MediaResource.cpp @@ +861,1 @@ > } You don't need the ChannelShouldInheritPrincipal call or the FORCE_INHERIT. The *_DATA_INHERITS modes take care of that. @@ +1437,5 @@ > mURI, > false, // aInheritForAboutBlank > false // aForceInherit > )) { > + securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL; Same here.
Attachment #8660246 - Flags: review?(jonas) → review+
https://hg.mozilla.org/mozilla-central/rev/f737c4a01752
Status: NEW → RESOLVED
Closed: 10 years ago
status-firefox43: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
Depends on: 1228677
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: