head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.54 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.52 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.50 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.48 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.46 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.44 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.42 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.40 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.38 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.36 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.34 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.32 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.30 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.28 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.26 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.24 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.22 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.20 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.18 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.16 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.14 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.12 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.10 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.8 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.6 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.4 pkgsrc-2004Q1-base:1.2 pkgsrc-2003Q4:1.2.0.2 pkgsrc-2003Q4-base:1.2 buildlink2:1.1.0.2 buildlink2-base:1.2; locks; strict; comment @# @; 1.2 date 2002.05.14.00.20.35; author taya; state dead; branches; next 1.1; 1.1 date 2002.05.07.23.45.50; author taya; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2002.06.23.19.04.24; author jlam; state dead; branches; next ; desc @@ 1.2 log @ forget to remove this on previous commit @ text @$NetBSD: patch-security_fix,v 1.1 2002/05/07 23:45:50 taya Exp $ Index: uriloader/base/nsDocLoader.cpp =================================================================== RCS file: /cvsroot/mozilla/uriloader/base/nsDocLoader.cpp,v retrieving revision 3.251 diff -u -r3.251 nsDocLoader.cpp --- uriloader/base/nsDocLoader.cpp 17 Apr 2002 03:48:37 -0000 3.251 +++ uriloader/base/nsDocLoader.cpp 30 Apr 2002 19:02:19 -0000 @@@@ -1263,6 +1263,7 @@@@ rv = aNewChannel->GetURI(getter_AddRefs(newURI)); if (NS_FAILED(rv)) return rv; +#ifdef HTTP_DOESNT_CALL_CHECKLOADURI // verify that this is a legal redirect nsCOMPtr securityManager = do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); @@@@ -1270,6 +1271,7 @@@@ rv = securityManager->CheckLoadURI(oldURI, newURI, nsIScriptSecurityManager::DISALLOW_FROM_MAIL); if (NS_FAILED(rv)) return rv; +#endif nsLoadFlags loadFlags = 0; PRInt32 stateFlags = nsIWebProgressListener::STATE_REDIRECTING | Index: netwerk/protocol/http/src/Makefile.in =================================================================== RCS file: /cvsroot/mozilla/netwerk/protocol/http/src/Makefile.in,v retrieving revision 1.56 diff -u -r1.56 Makefile.in --- netwerk/protocol/http/src/Makefile.in 19 Apr 2002 22:25:18 -0000 1.56 +++ netwerk/protocol/http/src/Makefile.in 30 Apr 2002 19:02:19 -0000 @@@@ -36,6 +36,8 @@@@ intl \ exthandler \ caps \ + xpconnect \ + js \ $(NULL) CPPSRCS = \ Index: netwerk/protocol/http/src/nsHttpChannel.cpp =================================================================== RCS file: /cvsroot/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp,v retrieving revision 1.114 diff -u -r1.114 nsHttpChannel.cpp --- netwerk/protocol/http/src/nsHttpChannel.cpp 26 Apr 2002 22:50:50 -0000 1.114 +++ netwerk/protocol/http/src/nsHttpChannel.cpp 30 Apr 2002 19:02:19 -0000 @@@@ -34,6 +34,7 @@@@ #include "nsISupportsPrimitives.h" #include "nsIURL.h" #include "nsIMIMEService.h" +#include "nsIScriptSecurityManager.h" #include "nsCExternalHandlerService.h" #include "nsMimeTypes.h" #include "nsNetUtil.h" @@@@ -1465,6 +1466,15 @@@@ rv = ioService->NewURI(nsDependentCString(location), nsnull, mURI, getter_AddRefs(newURI)); if (NS_FAILED(rv)) return rv; + + // verify that this is a legal redirect + nsCOMPtr securityManager = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + if (securityManager) { + rv = securityManager->CheckLoadURI(mURI, newURI, + nsIScriptSecurityManager::DISALLOW_FROM_MAIL); + if (NS_FAILED(rv)) return rv; + } // Kill the current cache entry if we are redirecting // back to ourself. --- htmlparser/src/CNavDTD.cpp.orig Sat May 4 00:32:17 2002 +++ htmlparser/src/CNavDTD.cpp Sat May 4 01:14:59 2002 @@@@ -473,14 +473,14 @@@@ nsresult result = NS_OK; - if (aTokenizer && mSink && aParser) { + if (aTokenizer && aParser) { nsITokenizer* oldTokenizer = mTokenizer; mTokenizer = aTokenizer; mParser = (nsParser*)aParser; mTokenAllocator = mTokenizer->GetTokenAllocator(); - + if (mSink) { if (mBodyContext->GetCount() == 0) { CStartToken* theToken=nsnull; if(ePlainText==mDocType) { @@@@ -537,6 +537,7 @@@@ } }//while mTokenizer = oldTokenizer; + } } return result; @ 1.1 log @ Add security fix for " Bugzilla Bug 141061 XMLHttpRequest allows reading of local files" See bugzilla for detail: http://bugzilla.mozilla.org/show_bug.cgi?id=141061 Demo of this vulnerability: http://sec.greymagic.com/adv/gm001-ns/ @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @Merge from pkgsrc-current to buildlink2 branch. @ text @d1 1 a1 1 $NetBSD: patch-security_fix,v 1.1 2002/05/07 23:45:50 taya Exp $ @