Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(641)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: storage/common/fileapi/file_system_util.cc

Issue 1180393003: Added characters that look like padlocks to URL unescaping blacklist. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rename NON_DISPLAY_CHARS to SPOOFING_AND_CONTROL_CHARS. Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/escape_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "storage/common/fileapi/file_system_util.h" 5 #include "storage/common/fileapi/file_system_util.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/strings/string_util.h" 10 #include "base/strings/string_util.h"
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after
175 file_system_type = kValidTypes[i].type; 175 file_system_type = kValidTypes[i].type;
176 break; 176 break;
177 } 177 }
178 } 178 }
179 179
180 if (file_system_type == kFileSystemTypeUnknown) 180 if (file_system_type == kFileSystemTypeUnknown)
181 return false; 181 return false;
182 182
183 std::string path = net::UnescapeURLComponent(url.path(), 183 std::string path = net::UnescapeURLComponent(url.path(),
184 net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS | 184 net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS |
185 net::UnescapeRule::CONTROL_CHARS); 185 net::UnescapeRule::SPOOFING_AND_CONTROL_CHARS);
186 186
187 // Ensure the path is relative. 187 // Ensure the path is relative.
188 while (!path.empty() && path[0] == '/') 188 while (!path.empty() && path[0] == '/')
189 path.erase(0, 1); 189 path.erase(0, 1);
190 190
191 base::FilePath converted_path = base::FilePath::FromUTF8Unsafe(path); 191 base::FilePath converted_path = base::FilePath::FromUTF8Unsafe(path);
192 192
193 // All parent references should have been resolved in the renderer. 193 // All parent references should have been resolved in the renderer.
194 if (converted_path.ReferencesParent()) 194 if (converted_path.ReferencesParent())
195 return false; 195 return false;
(...skipping 303 matching lines...) Expand 10 before | Expand all | Expand 10 after
499 return base::File::FILE_ERROR_ABORT; 499 return base::File::FILE_ERROR_ABORT;
500 case net::ERR_ADDRESS_INVALID: 500 case net::ERR_ADDRESS_INVALID:
501 case net::ERR_INVALID_URL: 501 case net::ERR_INVALID_URL:
502 return base::File::FILE_ERROR_INVALID_URL; 502 return base::File::FILE_ERROR_INVALID_URL;
503 default: 503 default:
504 return base::File::FILE_ERROR_FAILED; 504 return base::File::FILE_ERROR_FAILED;
505 } 505 }
506 } 506 }
507 507
508 } // namespace storage 508 } // namespace storage
OLDNEW
« no previous file with comments | « net/base/escape_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698