Commit 6d7a0890 authored by dsnopek's avatar dsnopek Committed by dsnopek

Issue #2946582 by dsnopek: [core] Add D6LTS patch for SA-CORE-2018-001 (fix IMCE issue)

parent ac652689
......@@ -12,7 +12,7 @@ index 9a28c06..a5c362d 100644
// May need language dependent rewriting if language.inc is present.
diff --git a/misc/drupal.js b/misc/drupal.js
index a85b8f8..5ef493b 100644
index a85b8f8..fd68051 100644
--- a/misc/drupal.js
+++ b/misc/drupal.js
@@ -20,6 +20,42 @@
......@@ -44,7 +44,7 @@ index a85b8f8..5ef493b 100644
+ // @todo Consider backporting code from newer jQuery versions to check for
+ // a cross-domain request here, rather than using Drupal.urlIsLocal() to
+ // block scripts from all URLs that are not on the same site.
+ if (!type && !Drupal.urlIsLocal(s.url)) {
+ if (!type && (!s || !Drupal.urlIsLocal(s.url))) {
+ var content_type = xhr.getResponseHeader('content-type') || '';
+ if (content_type.indexOf('javascript') >= 0) {
+ // Default to a safe data type.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment