Chromium Code Reviews Chromium Code Reviews
Issue 2447293002:
Don't call lower() on KURL protocol/host (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * (C) 2001 Dirk Mueller (mueller@kde.org) | 4 * (C) 2001 Dirk Mueller (mueller@kde.org) |
| 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) | 5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org) |
| 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All | 6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2011, 2012 Apple Inc. All |
| 7 * rights reserved. | 7 * rights reserved. |
| 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
| 9 * (http://www.torchmobile.com/) | 9 * (http://www.torchmobile.com/) |
| 10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. | 10 * Copyright (C) 2008, 2009, 2011, 2012 Google Inc. All rights reserved. |
| (...skipping 4385 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 4396 "' scheme."); | 4396 "' scheme."); |
| 4397 return; | 4397 return; |
| 4398 } | 4398 } |
| 4399 | 4399 |
| 4400 if (newDomain.isEmpty()) { | 4400 if (newDomain.isEmpty()) { |
| 4401 exceptionState.throwSecurityError("'" + newDomain + | 4401 exceptionState.throwSecurityError("'" + newDomain + |
| 4402 "' is an empty domain."); | 4402 "' is an empty domain."); |
| 4403 return; | 4403 return; |
| 4404 } | 4404 } |
| 4405 | 4405 |
| 4406 OriginAccessEntry accessEntry(getSecurityOrigin()->protocol(), newDomain, | 4406 // TODO(csharrison): Should probably ensure newDomain is canonical rather than |
|
brettw
2016/10/26 17:51:46
definitely!
Charlie Harrison
2016/10/26 18:10:59
Yes, it looks like we are missing step 4 here (par
| |
| 4407 // just lowercasing it. | |
| 4408 OriginAccessEntry accessEntry(getSecurityOrigin()->protocol(), | |
| 4409 newDomain.lower(), | |
| 4407 OriginAccessEntry::AllowSubdomains); | 4410 OriginAccessEntry::AllowSubdomains); |
| 4408 OriginAccessEntry::MatchResult result = | 4411 OriginAccessEntry::MatchResult result = |
| 4409 accessEntry.matchesOrigin(*getSecurityOrigin()); | 4412 accessEntry.matchesOrigin(*getSecurityOrigin()); |
| 4410 if (result == OriginAccessEntry::DoesNotMatchOrigin) { | 4413 if (result == OriginAccessEntry::DoesNotMatchOrigin) { |
| 4411 exceptionState.throwSecurityError( | 4414 exceptionState.throwSecurityError( |
| 4412 "'" + newDomain + "' is not a suffix of '" + domain() + "'."); | 4415 "'" + newDomain + "' is not a suffix of '" + domain() + "'."); |
| 4413 return; | 4416 return; |
| 4414 } | 4417 } |
| 4415 | 4418 |
| 4416 if (result == OriginAccessEntry::MatchesOriginButIsPublicSuffix) { | 4419 if (result == OriginAccessEntry::MatchesOriginButIsPublicSuffix) { |
| (...skipping 1993 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 6410 } | 6413 } |
| 6411 | 6414 |
| 6412 void showLiveDocumentInstances() { | 6415 void showLiveDocumentInstances() { |
| 6413 WeakDocumentSet& set = liveDocumentSet(); | 6416 WeakDocumentSet& set = liveDocumentSet(); |
| 6414 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); | 6417 fprintf(stderr, "There are %u documents currently alive:\n", set.size()); |
| 6415 for (Document* document : set) | 6418 for (Document* document : set) |
| 6416 fprintf(stderr, "- Document %p URL: %s\n", document, | 6419 fprintf(stderr, "- Document %p URL: %s\n", document, |
| 6417 document->url().getString().utf8().data()); | 6420 document->url().getString().utf8().data()); |
| 6418 } | 6421 } |
| 6419 #endif | 6422 #endif |
| OLD | NEW |
