DescriptionMake sure that HttpRequestHeaders contains valid key-value pairs.
Tracked down all uses of SetHeader() and SetHeaderIfMissing() and added
input validation where necessary (using the new IsValidHeader{Name,Value}
methods in http_util, moved from web_request_api_helpers).
After that, I added a DCHECK which serves as documentation to the users
of http_request_headers: The input must not contain illegal characters.
BUG=390458
Committed: https://crrev.com/7aad4986b5ab03e70d7390e99f3f2e9da6b521ae
Cr-Commit-Position: refs/heads/master@{#291761}
Patch Set 1 : #
Total comments: 2
Patch Set 2 : edit comment #Messages
Total messages: 10 (0 generated)
|