[BlackBerry] Disable redirect to data scheme for potential fishing.

https://bugs.webkit.org/show_bug.cgi?id=100713

Reviewed by George Staikos.

We will disable redirect to data scheme to avoid potential security concern,
described in klevjers.com/papers/phishing.pdf.

* platform/network/blackberry/NetworkJob.cpp:
(WebCore::NetworkJob::handleRedirect):


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@132867 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent b74ba8f5
2012-10-29 Charles Wei <charles.wei@torchmobile.com.cn>
[BlackBerry] Disable redirect to data scheme for potential fishing.
https://bugs.webkit.org/show_bug.cgi?id=100713
Reviewed by George Staikos.
We will disable redirect to data scheme to avoid potential security concern,
described in klevjers.com/papers/phishing.pdf.
* platform/network/blackberry/NetworkJob.cpp:
(WebCore::NetworkJob::handleRedirect):
2012-10-29 Vincent Scheib <scheib@chromium.org>
Unreviewed, rolling out r132845.
......@@ -604,6 +604,11 @@ bool NetworkJob::handleRedirect()
if (!newURL.isValid())
return false;
if (newURL.protocolIsData()) {
m_extendedStatusCode = BlackBerry::Platform::FilterStream::StatusInvalidRedirectToData;
return false;
}
ResourceRequest newRequest = m_handle->firstRequest();
newRequest.setURL(newURL);
newRequest.setMustHandleInternally(true);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment