| Index: webkit/common/database/database_identifier.cc
|
| diff --git a/webkit/common/database/database_identifier.cc b/webkit/common/database/database_identifier.cc
|
| index c4649d2b9ca126dece8e136c22fdebb654cbbfd8..7bd53f77034cdc275a28bbed44b711f15922d04e 100644
|
| --- a/webkit/common/database/database_identifier.cc
|
| +++ b/webkit/common/database/database_identifier.cc
|
| @@ -58,6 +58,13 @@ DatabaseIdentifier DatabaseIdentifier::CreateFromOrigin(const GURL& origin) {
|
| DatabaseIdentifier DatabaseIdentifier::Parse(const std::string& identifier) {
|
| if (!base::IsStringASCII(identifier))
|
| return DatabaseIdentifier();
|
| + if (identifier.find("..") != std::string::npos)
|
| + return DatabaseIdentifier();
|
| + char forbidden[] = {'\\', '/', ':' ,'\0'};
|
| + if (identifier.find_first_of(forbidden, 0, arraysize(forbidden)) !=
|
| + std::string::npos) {
|
| + return DatabaseIdentifier();
|
| + }
|
|
|
| size_t first_underscore = identifier.find_first_of('_');
|
| if (first_underscore == std::string::npos || first_underscore == 0)
|
|
|
Chromium Code Reviews
Issue 199153003:
Look closer at the components of vfsfilenames that are used filenames. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src