
Side by Side Diff: net/http/http_content_disposition.cc

Issue 2225933004: Avoid adding invalid headers in AddHeaderFromString (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase Created 4 years, 4 months ago
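--- a/net/http/http_content_disposition.cc
+++ b/net/http/http_content_disposition.cc
@@ -1,18 +1,19 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_content_disposition.h"
 
 #include "base/base64.h"
 #include "base/logging.h"
+#include "base/strings/string_piece.h"
 #include "base/strings/string_tokenizer.h"
 #include "base/strings/string_util.h"
 #include "base/strings/sys_string_conversions.h"
 #include "base/strings/utf_string_conversions.h"
 #include "net/base/escape.h"
 #include "net/base/net_string_util.h"
 #include "net/http/http_util.h"
 
 namespace net {
 
@@ -337,47 +338,44 @@
 parse_result_flags_(INVALID) {
 Parse(header, referrer_charset);
 }
 
 HttpContentDisposition::~HttpContentDisposition() {
 }
 
 std::string::const_iterator HttpContentDisposition::ConsumeDispositionType(
 std::string::const_iterator begin, std::string::const_iterator end) {
 DCHECK(type_ == INLINE);
-std::string::const_iterator delimiter = std::find(begin, end, ';');
-
-std::string::const_iterator type_begin = begin;
-std::string::const_iterator type_end = delimiter;
-HttpUtil::TrimLWS(&type_begin, &type_end);
+base::StringPiece header(begin, end);
+size_t delimiter = header.find(';');
+base::StringPiece type = header.substr(0, delimiter);
+type = HttpUtil::TrimLWS(type);
 
 // If the disposition-type isn't a valid token the then the
 // Content-Disposition header is malformed, and we treat the first bytes as
 // a parameter rather than a disposition-type.
-if (!HttpUtil::IsToken(type_begin, type_end))
+if (type.empty() || !HttpUtil::IsToken(type))
 return begin;
 
 parse_result_flags_ |= HAS_DISPOSITION_TYPE;
 
-DCHECK(std::find(type_begin, type_end, '=') == type_end);
+DCHECK(type.find('=') == base::StringPiece::npos);
 
-if (base::LowerCaseEqualsASCII(base::StringPiece(type_begin, type_end),
-"inline")) {
+if (base::LowerCaseEqualsASCII(type, "inline")) {
 type_ = INLINE;
-} else if (base::LowerCaseEqualsASCII(base::StringPiece(type_begin, type_end),
-"attachment")) {
+} else if (base::LowerCaseEqualsASCII(type, "attachment")) {
 type_ = ATTACHMENT;
 } else {
 parse_result_flags_ |= HAS_UNKNOWN_DISPOSITION_TYPE;
 type_ = ATTACHMENT;
 }
-return delimiter;
+return begin + (type.data() + type.size() - header.data());
 }
 
 // http://tools.ietf.org/html/rfc6266
 //
 // content-disposition = "Content-Disposition" ":"
 // disposition-type *( ";" disposition-parm )
 //
 // disposition-type = "inline" | "attachment" | disp-ext-type
 // ; case-insensitive
 // disp-ext-type = token
@@ -423,10 +421,10 @@
 }
 }
 
 if (!ext_filename.empty())
 filename_ = ext_filename;
 else
 filename_ = filename;
 }
 
 } // namespace net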
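Review bot: Whitespace between the disposition type and the ';' is now left for the caller to skip, because the final `return begin + (type.data() + type.size() - header.data());` in ConsumeDispositionType yields the end of the trimmed type where the old code returned `delimiter` (the ';' position or `end`). The caller is in the skipped part of the file, so whether its parameter parsing tolerates leading LWS cannot be confirmed from this page; a unit test with a constructed header such as `attachment ; filename=x` would pin the behaviour down, since a mis-parsed header affects the inline/attachment decision and the download filename. The pointer arithmetic is also only valid while `HttpUtil::TrimLWS` returns a sub-range of `header`, which deserves a comment above the return, e.g. `// |type| is a trimmed sub-range of |header|, so the offset stays within [begin, end].`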