    Resource loader should block HTTP redirects to local resources · d065482e
    commit-queue@webkit.org authored
    https://bugs.webkit.org/show_bug.cgi?id=68706
    
    Patch by Ken Buchanan <kenrb@chromium.org> on 2011-10-03
    Reviewed by Adam Barth.
    
    Source/WebCore:
    
    Modified MainResourceLoader to add an extra security check on
    HTTP redirects. Also, moved isFeedWithNestedProtocolInHTTPFamily
    to SecurityOrigin.cpp.
    
    * loader/FrameLoader.cpp:
    (WebCore::isFeedWithNestedProtocolInHTTPFamily):
    (WebCore::FrameLoader::loadFrameRequest):
    * loader/MainResourceLoader.cpp:
    (WebCore::MainResourceLoader::willSendRequest):
    * page/SecurityOrigin.cpp:
    (WebCore::isFeedWithNestedProtocolInHTTPFamily):
    (WebCore::SecurityOrigin::canDisplay):
    
    LayoutTests:
    
    Adding a test to attempt an HTTP redirect to a file: URL.
    
    * http/tests/security/redirect-BLOCKED-to-localURL.html: Added.
    * http/tests/security/redirect-BLOCKED-to-localURL-expected.txt: Added.
    * http/tests/security/resources/file-redirect-target.html: Added.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@96610 268f45cc-cd09-0410-ab3c-d52691b4dbfc
FrameLoader.cpp 125 KB