Same origin policy for XBL
The same origin policy used for XBL documents is different from the policy used for other content. This article provides a description of how the same origin policy for XBL works.
The principal originating the load is determined using the following steps:
- For external stylesheets (
<?xml-stylesheet?>, user sheets, and UA sheets), it depends on where the sheet is loaded from, just like it would for an HTML document loaded from a similar source.
- For inline stylesheets (
<style>and style attributes), the principal of the element node involved (meaning the
<style>element or the element whose style attribute is being looked at).
- For the
nsIDOMDocumentXBL.loadBindingDocument()methods, the originating principal is the one of the script making the call, or the principal of the document the call is made on if there isn't a script.
Once the originating principal is determined, checks are done to make sure the load should be allowed. The checks performed are:
- If the principal originating the load is the system principal, the load is allowed.
- A call to
ChecLoadURIWithPrincipal()is done to make sure the principal is able to link to the given URI in the first place.
- A content policy check is performed.
- If the URI is a
chrome:URI, the load is allowed. Note that step 2 already denied the load attempt for cases in which the
chrome:URI isn't accessible to untrusted content.
CheckMayLoad()check is performed on the originating principal for the given URI.
CheckMayLoad() check passes, the load is allowed.