authorJoe Marcus Clarke <marcus@FreeBSD.org>2004-09-28 03:24:41 +0000
committerJoe Marcus Clarke <marcus@FreeBSD.org>2004-09-28 03:24:41 +0000
commit9117080c8cad1c52d48353ffa32ca6aef1e4d28a (patch)
tree04e19765bcb2a19c30d1773dfd27a70855396e17 /www/firefox-esr/files/patch-250862
parentPatch the various recently reported security vulnerabilities in Mozilla. (diff)
Patch the various recently reported security vulnerabilities in Mozilla.
This is being done instead of the update to 1.0 PR 1 since we're in a ports freeze, and too many big changes is not a good idea. This update covers the following Mozilla bugs: 250862 255067 256316 Thanks to nectar for scraping all of these patches together. Obtained from: Mozilla CVS Approved by: portmgr (implicit)
Notes
Notes: svn path=/head/; revision=118476
Diffstat (limited to 'www/firefox-esr/files/patch-250862')
-rw-r--r--www/firefox-esr/files/patch-25086222
1 files changed, 22 insertions, 0 deletions
diff --git a/www/firefox-esr/files/patch-250862 b/www/firefox-esr/files/patch-250862
new file mode 100644
index 000000000000..05423dc84195
--- /dev/null
+++ b/www/firefox-esr/files/patch-250862
@@ -0,0 +1,22 @@
+Index: mozilla/xpfe/communicator/resources/content/contentAreaDD.js
+===================================================================
+RCS file: /cvsroot/mozilla/xpfe/communicator/resources/content/contentAreaDD.js,v
+retrieving revision 1.32
+retrieving revision 1.32.88.1
+diff -u -r1.32 -r1.32.88.1
+--- xpfe/communicator/resources/content/contentAreaDD.js 10 Jul 2002 01:23:50 -0000 1.32
++++ xpfe/communicator/resources/content/contentAreaDD.js 27 Aug 2004 01:13:39 -0000 1.32.88.1
+@@ -53,8 +53,11 @@
+ {
+ var url = transferUtils.retrieveURLFromData(aXferData.data, aXferData.flavour.contentType);
+
+- // valid urls don't contain spaces ' '; if we have a space it isn't a valid url so bail out
+- if (!url || !url.length || url.indexOf(" ", 0) != -1)
++ // valid urls don't contain spaces ' '; if we have a space it
++ // isn't a valid url, or if it's a javascript: or data: url,
++ // bail out
++ if (!url || !url.length || url.indexOf(" ", 0) != -1 ||
++ /^\s*(javascript|data):/.test(url))
+ return;
+
+ switch (document.firstChild.getAttribute('windowtype')) {
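Review bot: The scheme test added to the drop handler's `if` in the embedded contentAreaDD.js hunk is case-sensitive, while URL schemes are matched case-insensitively, so a dropped URL whose scheme is written in upper or mixed case would not be rejected by this check. Unless `retrieveURLFromData` already lower-cases the scheme (not visible here), the test should carry the `i` flag: `/^\s*(javascript|data):/i.test(url))`. The check is also a deny-list of two schemes, so any other scheme that should not be loadable from dropped content still reaches the `switch`. An allow-list of expected schemes, or a load check through the script security manager, would fail closed instead. The enclosing function starts and ends outside the hunk, so any later validation of `url` cannot be seen from here.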