guix-play/gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch
Mark H Weaver 2a666e9cfd gnu: icecat: Add fixes for CVE-2014-{8634,8638,8639,8641}.
* gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch,
  gnu/packages/patches/icecat-CVE-2014-8634-pt2.patch,
  gnu/packages/patches/icecat-CVE-2014-8638-pt1.patch,
  gnu/packages/patches/icecat-CVE-2014-8638-pt2.patch,
  gnu/packages/patches/icecat-CVE-2014-8639.patch,
  gnu/packages/patches/icecat-CVE-2014-8641.patch,
  gnu/packages/patches/icecat-armhf-xpcom.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2015-01-16 09:14:08 -05:00

28 lines
974 B
Diff

From 0c4a326295bdb37742fe23f0395916d2ba8ade53 Mon Sep 17 00:00:00 2001
From: Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Date: Wed, 19 Nov 2014 16:03:39 -0800
Subject: [PATCH 1/2] Bug 1080987 - navigator.sendBeacon() needs to sent origin
header. r=sicking, a=bkerensa
---
dom/base/Navigator.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp
index 0f03ad3..020e370 100644
--- a/dom/base/Navigator.cpp
+++ b/dom/base/Navigator.cpp
@@ -1265,6 +1265,9 @@ Navigator::SendBeacon(const nsAString& aUrl,
principal,
true);
+ rv = cors->Init(channel, true);
+ NS_ENSURE_SUCCESS(rv, false);
+
// Start a preflight if cross-origin and content type is not whitelisted
rv = secMan->CheckSameOriginURI(documentURI, uri, false);
bool crossOrigin = NS_FAILED(rv);
--
2.1.2