Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(889)

Unified Diff: net/spdy/spdy_proxy_client_socket.cc

Issue 769043003: Sanitize headers in Proxy Authentication Required responses (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix sleevi's nit Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/proxy_client_socket.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/spdy/spdy_proxy_client_socket.cc
diff --git a/net/spdy/spdy_proxy_client_socket.cc b/net/spdy/spdy_proxy_client_socket.cc
index afc19534c0526570bdfdcc4b76a8177d45ae589d..661cfd99a7be6a60fe18edb209d21d33a21160ee 100644
--- a/net/spdy/spdy_proxy_client_socket.cc
+++ b/net/spdy/spdy_proxy_client_socket.cc
@@ -414,20 +414,24 @@ int SpdyProxyClientSocket::DoReadReplyComplete(int result) {
case 302: // Found / Moved Temporarily
// Try to return a sanitized response so we can follow auth redirects.
// If we can't, fail the tunnel connection.
- if (SanitizeProxyRedirect(&response_, request_.url)) {
- redirect_has_load_timing_info_ =
- spdy_stream_->GetLoadTimingInfo(&redirect_load_timing_info_);
- // Note that this triggers a RST_STREAM_CANCEL.
- spdy_stream_->DetachDelegate();
- next_state_ = STATE_DISCONNECTED;
- return ERR_HTTPS_PROXY_TUNNEL_RESPONSE;
- } else {
+ if (!SanitizeProxyRedirect(&response_)) {
LogBlockedTunnelResponse();
return ERR_TUNNEL_CONNECTION_FAILED;
}
+ redirect_has_load_timing_info_ =
+ spdy_stream_->GetLoadTimingInfo(&redirect_load_timing_info_);
+ // Note that this triggers a RST_STREAM_CANCEL.
+ spdy_stream_->DetachDelegate();
+ next_state_ = STATE_DISCONNECTED;
+ return ERR_HTTPS_PROXY_TUNNEL_RESPONSE;
+
case 407: // Proxy Authentication Required
next_state_ = STATE_OPEN;
+ if (!SanitizeProxyAuth(&response_)) {
+ LogBlockedTunnelResponse();
+ return ERR_TUNNEL_CONNECTION_FAILED;
+ }
return HandleProxyAuthChallenge(auth_.get(), &response_, net_log_);
default:
« no previous file with comments | « net/http/proxy_client_socket.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698