summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch')
-rw-r--r--gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch b/gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch
new file mode 100644
index 0000000000..83ee5fc79e
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch
@@ -0,0 +1,27 @@
+From 0c4a326295bdb37742fe23f0395916d2ba8ade53 Mon Sep 17 00:00:00 2001
+From: Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
+Date: Wed, 19 Nov 2014 16:03:39 -0800
+Subject: [PATCH 1/2] Bug 1080987 - navigator.sendBeacon() needs to sent origin
+ header. r=sicking, a=bkerensa
+
+---
+ dom/base/Navigator.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp
+index 0f03ad3..020e370 100644
+--- a/dom/base/Navigator.cpp
++++ b/dom/base/Navigator.cpp
+@@ -1265,6 +1265,9 @@ Navigator::SendBeacon(const nsAString& aUrl,
+ principal,
+ true);
+
++ rv = cors->Init(channel, true);
++ NS_ENSURE_SUCCESS(rv, false);
++
+ // Start a preflight if cross-origin and content type is not whitelisted
+ rv = secMan->CheckSameOriginURI(documentURI, uri, false);
+ bool crossOrigin = NS_FAILED(rv);
+--
+2.1.2
+
generated by cgit v1.2.3 (git 2.46.0) at 2024-08-02 21:00:02 +0000