commit b6bc1f1a802dc93620219faeb2f65e2afc78b83c Author: Georg Koppen gk@torproject.org Date: Thu Mar 8 09:19:30 2018 +0000

fixup! Bug 25147: Sanitize HTML fragments created for chrome-privileged documents --- devtools/client/responsive.html/components/browser.js | 7 +++++++ 1 file changed, 7 insertions(+)

diff --git a/devtools/client/responsive.html/components/browser.js b/devtools/client/responsive.html/components/browser.js index f2902905b522..91f709f0cb8a 100644 --- a/devtools/client/responsive.html/components/browser.js +++ b/devtools/client/responsive.html/components/browser.js @@ -16,6 +16,13 @@ const Types = require("../types"); const e10s = require("../utils/e10s"); const message = require("../utils/message");

+// Allow creation of HTML fragments without automatic sanitization, even +// though we're in a chrome-privileged document. +// This is, unfortunately, necessary in order to React to function +// correctly. + +document.allowUnsafeHTML = true; + module.exports = createClass({

/**