Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1809)

Unified Diff: Source/platform/network/HTTPParsers.cpp

Issue 1018903002: Show deprecation warnings for header values in XHR according to RFC 7230 (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue-expected.txt ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/platform/network/HTTPParsers.cpp
diff --git a/Source/platform/network/HTTPParsers.cpp b/Source/platform/network/HTTPParsers.cpp
index 29b7f5f2d128c47d16a63d16e8498d44dd6b0352..06aa4599b54bc1caf6ec37cb67db2b111c2ff4fa 100644
--- a/Source/platform/network/HTTPParsers.cpp
+++ b/Source/platform/network/HTTPParsers.cpp
@@ -107,21 +107,33 @@ static inline bool skipValue(const String& str, unsigned& pos)
return pos != start;
}
-bool isValidHTTPHeaderValue(const String& name)
+// See RFC 7230, Section 3.2.3.
+bool isValidHTTPHeaderValue(const String& value)
{
- // FIXME: This should really match name against
- // field-value in section 4.2 of RFC 2616.
+ UChar c = value[0];
tkent 2015/03/19 23:04:08 Looks this has an out-of-bound access issue nit:
shiva.jm 2015/03/20 06:23:52 These looks ok, if we just have value.length(), it
+ if (c == ' ' || c == '\t')
+ return false;
+
+ c = value[value.length() - 1];
tkent 2015/03/19 23:04:08 c -> char lastCharacter
+ if (c == ' ' || c == '\t')
+ return false;
- return name.containsOnlyLatin1() && !name.contains('\r') && !name.contains('\n') && !name.contains(static_cast<UChar>('\0'));
+ for (unsigned i = 0; i < value.length(); ++i) {
+ c = value[i];
+ if (c == 0x7F || c > 0xFF || (c < 0x20 && c != '\t'))
+ return false;
tkent 2015/03/19 23:04:08 wrong indentation
shiva.jm 2015/03/20 06:23:52 Done.
+ }
+
+ return true;
}
-// See RFC 2616, Section 2.2.
-bool isValidHTTPToken(const String& characters)
+// See RFC 7230, Section 3.2.6.
+bool isValidHTTPToken(const String& value)
{
- if (characters.isEmpty())
+ if (value.isEmpty())
return false;
- for (unsigned i = 0; i < characters.length(); ++i) {
- UChar c = characters[i];
+ for (unsigned i = 0; i < value.length(); ++i) {
+ UChar c = value[i];
if (c <= 0x20 || c >= 0x7F
|| c == '(' || c == ')' || c == '<' || c == '>' || c == '@'
|| c == ',' || c == ';' || c == ':' || c == '\\' || c == '"'
« no previous file with comments | « LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698