From ab0ae6cc24fa73ccff50ff90e36e76a7bdb4e97d Mon Sep 17 00:00:00 2001
From: Fedor <fedor@mail.ru>
Date: Fri, 2 Oct 2020 10:34:38 +0300
Subject: [PATCH] [SVG] Only fire the SVG onload when scripting is enabled and
 allowed.

---
 parser/html/nsHtml5TreeBuilderCppSupplement.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/parser/html/nsHtml5TreeBuilderCppSupplement.h b/parser/html/nsHtml5TreeBuilderCppSupplement.h
index d04293603..2eb907d57 100644
--- a/parser/html/nsHtml5TreeBuilderCppSupplement.h
+++ b/parser/html/nsHtml5TreeBuilderCppSupplement.h
@@ -945,6 +945,9 @@ nsHtml5TreeBuilder::elementPopped(int32_t aNamespace, nsIAtom* aName, nsIContent
   }
   if (aNamespace == kNameSpaceID_SVG) {
     if (aName == nsHtml5Atoms::svg) {
+      if (!scriptingEnabled || mPreventScriptExecution) {
+        return;
+      }
       if (mBuilder) {
         nsHtml5TreeOperation::SvgLoad(static_cast<nsIContent*>(aElement));
         return;