commit c5c098346e512cde5ae3e4e5bb09c1aa5f2e82f6
parent 92d0d5a3ead9085605b48a348ef4567ca5ad9843
Author: Adam Vandolder <avandolder@mozilla.com>
Date: Thu, 23 Oct 2025 19:44:49 +0000
Bug 1996072 - Disable the Navigation API for `javascript:` URI documents. r=dom-core,farre
Differential Revision: https://phabricator.services.mozilla.com/D269808
Diffstat:
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/dom/navigation/Navigation.cpp b/dom/navigation/Navigation.cpp
@@ -37,6 +37,7 @@
#include "nsGlobalWindowInner.h"
#include "nsIPrincipal.h"
#include "nsISHistory.h"
+#include "nsIScriptChannel.h"
#include "nsIStructuredCloneContainer.h"
#include "nsIXULRuntime.h"
#include "nsNetUtil.h"
@@ -289,7 +290,11 @@ bool Navigation::HasEntriesAndEventsDisabled() const {
doc->GetInitialStatus() == Document::InitialStatus::IsInitial ||
doc->GetInitialStatus() ==
Document::InitialStatus::IsInitialButExplicitlyOpened ||
- doc->GetPrincipal()->GetIsNullPrincipal();
+ doc->GetPrincipal()->GetIsNullPrincipal() || [&doc]() {
+ nsCOMPtr<nsIScriptChannel> channel =
+ do_QueryInterface(doc->GetChannel());
+ return channel;
+ }();
}
// https://html.spec.whatwg.org/#initialize-the-navigation-api-entries-for-a-new-document
