Commit 38b5508b authored by trey's avatar trey
Browse files

WebKit:

	3143294 - need short-term bulletproofing of download code against bad filenames

	We protect against a download location that is not an absolute path.

        Reviewed by Darin

        * WebView.subproj/WebMainResourceClient.m:
        (-[WebMainResourceClient continueAfterContentPolicy:response:]):
	Bail on download if we don't have a abs path to write to.

WebBrowser:

	3143294 - need short-term bulletproofing of download code against bad filenames

	We protect against slashes and leading periods, as well as handling empty filenames.

        Reviewed by Darin

        * BrowserWebController.m:
        (-[BrowserWebController saveFilenameForResponse:andRequest:]):
	Check results of [response filename] carefully


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@3287 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 3de55bfc
2003-01-09 Trey Matteson <trey@apple.com>
3143294 - need short-term bulletproofing of download code against bad filenames
We protect against a download location that is not an absolute path.
Reviewed by Darin
* WebView.subproj/WebMainResourceClient.m:
(-[WebMainResourceClient continueAfterContentPolicy:response:]):
Bail on download if we don't have a abs path to write to.
2003-01-08 Trey Matteson <trey@apple.com>
3142201 - home directory nuked during power download session
......
......@@ -196,7 +196,7 @@ -(void)continueAfterContentPolicy:(WebPolicyAction)contentPolicy response:(WebRe
NSString *saveFilename = [[[dataSource controller] policyDelegate]
saveFilenameForResponse:r andRequest:req];
// FIXME: Maybe there a cleaner way handle the bad filename case?
if(!saveFilename || [saveFilename length] == 0){
if(!saveFilename || [saveFilename length] == 0 || ![saveFilename isAbsolutePath]){
ERROR("Nil or empty response to saveFilenameForResponse:andRequest:.");
[self stopLoadingForPolicyChange];
return;
......
......@@ -196,7 +196,7 @@ -(void)continueAfterContentPolicy:(WebPolicyAction)contentPolicy response:(WebRe
NSString *saveFilename = [[[dataSource controller] policyDelegate]
saveFilenameForResponse:r andRequest:req];
// FIXME: Maybe there a cleaner way handle the bad filename case?
if(!saveFilename || [saveFilename length] == 0){
if(!saveFilename || [saveFilename length] == 0 || ![saveFilename isAbsolutePath]){
ERROR("Nil or empty response to saveFilenameForResponse:andRequest:.");
[self stopLoadingForPolicyChange];
return;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment