Permalink
Browse files

Try switching pdf.js to a content-based policy via a resource:// URL.…

… Fail.
  • Loading branch information...
1 parent eb5e294 commit 2d588e109b613683176ada522da69c1d50054a09 @protz committed Jan 20, 2012
View
@@ -1,6 +1,6 @@
content conversations content/
skin conversations classic/1.0 skin/
-resource conversations modules/
+resource conversations ./
overlay chrome://messenger/content/messenger.xul chrome://conversations/content/overlay.xul
#locale conversations cs locale/cs/
@@ -15,10 +15,10 @@
const Cu = Components.utils;
const Cr = Components.results;
- Cu.import("resource://conversations/config.js");
- Cu.import("resource://conversations/prefs.js");
- Cu.import("resource://conversations/log.js");
- Cu.import("resource://conversations/assistant.js");
+ Cu.import("resource://conversations/modules/config.js");
+ Cu.import("resource://conversations/modules/prefs.js");
+ Cu.import("resource://conversations/modules/log.js");
+ Cu.import("resource://conversations/modules/assistant.js");
let Log = setupLogging("Conversations.AssistantUI");
let uninstallInfos = JSON.parse(Prefs.getString("conversations.uninstall_infos"));
@@ -43,9 +43,9 @@ const Cr = Components.results;
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
Cu.import("resource:///modules/gloda/mimemsg.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/log.js");
let Log = setupLogging("Conversations.Gallery");
let strings = new StringBundle("chrome://conversations/locale/message.properties");
View
@@ -35,10 +35,10 @@
* ***** END LICENSE BLOCK ***** */
// Dear AMO reviewer, please note that these files have var EXPORTED_SYMBOLS = [];
-Components.utils.import("resource://conversations/plugins/glodaAttrProviders.js");
-Components.utils.import("resource://conversations/plugins/embeds.js");
-Components.utils.import("resource://conversations/plugins/enigmail.js");
-Components.utils.import("resource://conversations/plugins/lightning.js");
+Components.utils.import("resource://conversations/modules/plugins/glodaAttrProviders.js");
+Components.utils.import("resource://conversations/modules/plugins/embeds.js");
+Components.utils.import("resource://conversations/modules/plugins/enigmail.js");
+Components.utils.import("resource://conversations/modules/plugins/lightning.js");
var Conversations = {
// These two belong here, use getMail3Pane().Conversations to access them
@@ -58,10 +58,10 @@ var Conversations = {
window.addEventListener("load", function _overlay_eventListener () {
let NS = {};
- Components.utils.import("resource://conversations/monkeypatch.js", NS);
- Components.utils.import("resource://conversations/conversation.js", NS);
- Components.utils.import("resource://conversations/prefs.js", NS);
- Components.utils.import("resource://conversations/config.js", NS);
+ Components.utils.import("resource://conversations/modules/monkeypatch.js", NS);
+ Components.utils.import("resource://conversations/modules/conversation.js", NS);
+ Components.utils.import("resource://conversations/modules/prefs.js", NS);
+ Components.utils.import("resource://conversations/modules/config.js", NS);
// We instantiate the Monkey-Patch for the given Conversation object.
let monkeyPatch = new NS.MonkeyPatch(window, NS.Conversation);
@@ -4,11 +4,11 @@
<head>
<link rel="stylesheet" href="buttons.css">
- <!-- Everything in this file is loaded as *content*, so there are absolutely
- no security concerns with loading pdf.js -->
+ <!-- This file is loaded through a resource:// URL so all the scripts below
+ run as content... -->
<script type="text/javascript" src="../pdfjs/build/pdf.js"></script>
<script type="text/javascript">
- PDFJS.workerSrc = 'chrome://conversations/content/pdfjs/build/pdf.js';
+ PDFJS.workerSrc = 'resource://conversations/content/pdfjs/build/pdf.js';
</script>
<script src="viewer.js" type="application/javascript;version=1.8" charset="utf-8"></script>
@@ -36,20 +36,8 @@
"use strict";
-const Ci = Components.interfaces;
-const Cc = Components.classes;
-const Cu = Components.utils;
-const Cr = Components.results;
-
-Cu.import("resource://gre/modules/XPCOMUtils.jsm"); // for generateQI
-Cu.import("resource://gre/modules/Services.jsm");
-Cu.import("resource://gre/modules/NetUtil.jsm");
-Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
-Cu.import("resource://conversations/log.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-
-let Log = setupLogging("Conversations.PdfViewer");
-let strings = new StringBundle("chrome://conversations/locale/message.properties");
+let Log; // filled from wrapper.js
+let strings; // filled from wrapper.js
let viewer;
@@ -45,8 +45,8 @@ Cu.import("resource://gre/modules/XPCOMUtils.jsm"); // for generateQI
Cu.import("resource://gre/modules/Services.jsm");
Cu.import("resource://gre/modules/NetUtil.jsm");
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
-Cu.import("resource://conversations/log.js");
-Cu.import("resource://conversations/stdlib/misc.js");
+Cu.import("resource://conversations/modules/log.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
let Log = setupLogging("Conversations.PdfViewer");
let strings = new StringBundle("chrome://conversations/locale/message.properties");
@@ -109,9 +109,13 @@ Wrapper.prototype = {
let browser = document.getElementById("browser");
browser.addEventListener("load", function load_handler () {
browser.removeEventListener("load", load_handler, true);
- browser.contentWindow.init(data);
+ let w = browser.contentWindow.wrappedJSObject;
+ w.Log = setupLogging("Conversations.PdfViewer");
+ w.strings = new StringBundle("chrome://conversations/locale/message.properties");
+ w.init(data);
}, true);
- browser.contentDocument.location.href = "viewer.html";
+ // Load from a resource:// URL so that it doesn't have chrome privileges.
+ browser.loadURI("resource://conversations/content/pdfviewer/viewer.html", null, null);
}.bind(this));
},
@@ -1,10 +1,8 @@
<?xml version="1.0"?>
<window xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
- <!-- This file has chrome privileges -->
<script src="wrapper.js" type="application/javascript;version=1.8" charset="utf-8"></script>
- <!-- But we load viewer.html with content privileges -->
<browser id="browser" type="content" style="height: 100%" flex="1">
</browser>
View
@@ -50,17 +50,17 @@ Cu.import("resource:///modules/gloda/mimemsg.js");
const gMessenger = Cc["@mozilla.org/messenger;1"]
.createInstance(Ci.nsIMessenger);
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/send.js");
-Cu.import("resource://conversations/stdlib/compose.js");
-Cu.import("resource://conversations/log.js");
-Cu.import("resource://conversations/misc.js");
-Cu.import("resource://conversations/hook.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/send.js");
+Cu.import("resource://conversations/modules/stdlib/compose.js");
+Cu.import("resource://conversations/modules/log.js");
+Cu.import("resource://conversations/modules/misc.js");
+Cu.import("resource://conversations/modules/hook.js");
let Log = setupLogging("Conversations.Stub.Compose");
-Cu.import("resource://conversations/stdlib/SimpleStorage.js");
+Cu.import("resource://conversations/modules/stdlib/SimpleStorage.js");
let ss = SimpleStorage.createIteratorStyle("conversations");
window.addEventListener("unload", function () {
// save if needed
View
@@ -258,10 +258,10 @@
// let Conversations = window.top.Conversations;
Components.utils.import("resource:///modules/mailServices.js");
- Components.utils.import("resource://conversations/stdlib/misc.js");
- Components.utils.import("resource://conversations/stdlib/msgHdrUtils.js");
- Components.utils.import("resource://conversations/prefs.js");
- Components.utils.import("resource://conversations/log.js");
+ Components.utils.import("resource://conversations/modules/stdlib/misc.js");
+ Components.utils.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+ Components.utils.import("resource://conversations/modules/prefs.js");
+ Components.utils.import("resource://conversations/modules/log.js");
let Log = setupLogging("Conversations.Stub");
let isOSX = ("nsILocalFileMac" in Components.interfaces);
View
@@ -21,10 +21,10 @@ Cu.import("resource:///modules/virtualFolderWrapper.js");
Cu.import("resource:///modules/gloda/index_msg.js");
Cu.import("resource:///modules/gloda/public.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/prefs.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/prefs.js");
+Cu.import("resource://conversations/modules/log.js");
let Log = setupLogging("Conversations.Assistant");
View
@@ -56,11 +56,11 @@ Cu.import("resource:///modules/mailServices.js");
Cu.import("resource:///modules/gloda/utils.js");
Cu.import("resource:///modules/gloda/gloda.js");
-Cu.import("resource://conversations/stdlib/compose.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/log.js");
-Cu.import("resource://conversations/misc.js");
+Cu.import("resource://conversations/modules/stdlib/compose.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/log.js");
+Cu.import("resource://conversations/modules/misc.js");
const Contacts = {
kFrom: 0,
View
@@ -47,15 +47,15 @@ Cu.import("resource://gre/modules/Services.jsm");
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
Cu.import("resource:///modules/gloda/gloda.js");
-Cu.import("resource://conversations/log.js");
-Cu.import("resource://conversations/prefs.js");
-
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/message.js");
-Cu.import("resource://conversations/contact.js");
-Cu.import("resource://conversations/misc.js"); // for groupArray
-Cu.import("resource://conversations/hook.js");
+Cu.import("resource://conversations/modules/log.js");
+Cu.import("resource://conversations/modules/prefs.js");
+
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/message.js");
+Cu.import("resource://conversations/modules/contact.js");
+Cu.import("resource://conversations/modules/misc.js"); // for groupArray
+Cu.import("resource://conversations/modules/hook.js");
let Log = setupLogging("Conversations.Conversation");
View
@@ -1,6 +1,6 @@
var EXPORTED_SYMBOLS = ["setupLogging", "dumpCallStack", "logRoot", "Colors"]
-Components.utils.import("resource://conversations/prefs.js");
+Components.utils.import("resource://conversations/modules/prefs.js");
Components.utils.import("resource:///modules/gloda/log4moz.js");
function setupLogging(name) {
View
@@ -71,17 +71,17 @@ const kAllowRemoteContent = 2;
let strings = new StringBundle("chrome://conversations/locale/message.properties");
-Cu.import("resource://conversations/stdlib/addressBookUtils.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/compose.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/plugins/helpers.js");
-Cu.import("resource://conversations/quoting.js");
-Cu.import("resource://conversations/contact.js");
-Cu.import("resource://conversations/prefs.js");
-Cu.import("resource://conversations/misc.js"); // for iconForMimeType
-Cu.import("resource://conversations/hook.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/addressBookUtils.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/compose.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/plugins/helpers.js");
+Cu.import("resource://conversations/modules/quoting.js");
+Cu.import("resource://conversations/modules/contact.js");
+Cu.import("resource://conversations/modules/prefs.js");
+Cu.import("resource://conversations/modules/misc.js"); // for iconForMimeType
+Cu.import("resource://conversations/modules/hook.js");
+Cu.import("resource://conversations/modules/log.js");
let Log = setupLogging("Conversations.Message");
// This is high because we want enough snippet to extract relevant data from
View
@@ -48,9 +48,9 @@ const Cu = Components.utils;
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
Cu.import("resource:///modules/gloda/index_msg.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/prefs.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/prefs.js");
+Cu.import("resource://conversations/modules/log.js");
let Log = setupLogging("Conversations.Misc");
let strings = new StringBundle("chrome://conversations/locale/message.properties");
View
@@ -46,12 +46,12 @@ const Cr = Components.results;
Cu.import("resource://gre/modules/AddonManager.jsm");
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/assistant.js");
-Cu.import("resource://conversations/misc.js"); // for joinWordList
-Cu.import("resource://conversations/prefs.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/assistant.js");
+Cu.import("resource://conversations/modules/misc.js"); // for joinWordList
+Cu.import("resource://conversations/modules/prefs.js");
+Cu.import("resource://conversations/modules/log.js");
Cu.import("resource://gre/modules/Services.jsm");
View
@@ -43,12 +43,12 @@ const Cr = Components.results;
Cu.import("resource://gre/modules/Services.jsm"); // https://developer.mozilla.org/en/JavaScript_code_modules/Services.jsm
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/prefs.js");
-Cu.import("resource://conversations/misc.js");
-Cu.import("resource://conversations/hook.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/prefs.js");
+Cu.import("resource://conversations/modules/misc.js");
+Cu.import("resource://conversations/modules/hook.js");
+Cu.import("resource://conversations/modules/log.js");
let strings = new StringBundle("chrome://conversations/locale/message.properties");
@@ -51,7 +51,7 @@ var EXPORTED_SYMBOLS = [];
*
* let hasConversations;
* try {
- * Components.utils.import("resource://conversations/hook.js");
+ * Components.utils.import("resource://conversations/modules/hook.js");
* hasConversations = true;
* } catch (e) {
* hasConversations = false;
@@ -71,12 +71,12 @@ const Cr = Components.results;
Cu.import("resource://gre/modules/Services.jsm"); // https://developer.mozilla.org/en/JavaScript_code_modules/Services.jsm
Cu.import("resource:///modules/StringBundle.js"); // for StringBundle
-Cu.import("resource://conversations/stdlib/msgHdrUtils.js");
-Cu.import("resource://conversations/stdlib/misc.js");
-Cu.import("resource://conversations/stdlib/compose.js");
-Cu.import("resource://conversations/misc.js");
-Cu.import("resource://conversations/hook.js");
-Cu.import("resource://conversations/log.js");
+Cu.import("resource://conversations/modules/stdlib/msgHdrUtils.js");
+Cu.import("resource://conversations/modules/stdlib/misc.js");
+Cu.import("resource://conversations/modules/stdlib/compose.js");
+Cu.import("resource://conversations/modules/misc.js");
+Cu.import("resource://conversations/modules/hook.js");
+Cu.import("resource://conversations/modules/log.js");
let strings = new StringBundle("chrome://conversations/locale/message.properties");
@@ -67,7 +67,7 @@ const Cc = Components.classes;
const Cu = Components.utils;
const Cr = Components.results;
-Cu.import("resource://conversations/plugins/helpers.js");
+Cu.import("resource://conversations/modules/plugins/helpers.js");
Cu.import("resource:///modules/gloda/public.js");
Cu.import("resource:///modules/gloda/mimemsg.js");
@@ -44,7 +44,7 @@ var EXPORTED_SYMBOLS = ['PluginHelpers']
*/
Components.utils.import("resource:///modules/gloda/utils.js");
-Components.utils.import("resource://conversations/stdlib/misc.js");
+Components.utils.import("resource://conversations/modules/stdlib/misc.js");
const gsfnRegexp = /^(.+)(?:, an employee of Mozilla Messaging,)? (?:replied to|commented on|just asked)/;
const gsfnFrom = "Mozilla Messaging <noreply.mozilla_messaging@getsatisfaction.com>";
@@ -36,8 +36,8 @@
var EXPORTED_SYMBOLS = [];
-Components.utils.import("resource://conversations/hook.js");
-Components.utils.import("resource://conversations/log.js");
+Components.utils.import("resource://conversations/modules/hook.js");
+Components.utils.import("resource://conversations/modules/log.js");
Components.utils.import("resource:///modules/Services.jsm");
let Log = setupLogging("Conversations.Modules.Lightning");
Oops, something went wrong.

0 comments on commit 2d588e1

Please sign in to comment.