Chromium Code Reviews Chromium Code Reviews
Issue 817103002:
Only take basename of default_file_name when starting a File Chooser. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/browser/renderer_host/render_view_host_impl.cc |
| diff --git a/content/browser/renderer_host/render_view_host_impl.cc b/content/browser/renderer_host/render_view_host_impl.cc |
| index 12dded9c853882da9d9a61a14a3864691aaa0d57..a21ae696a30e647f38b7cab0b265e52c9e22d475 100644 |
| --- a/content/browser/renderer_host/render_view_host_impl.cc |
| +++ b/content/browser/renderer_host/render_view_host_impl.cc |
| @@ -1445,6 +1445,14 @@ void RenderViewHostImpl::OnDidZoomURL(double zoom_level, |
| } |
| void RenderViewHostImpl::OnRunFileChooser(const FileChooserParams& params) { |
| + // Do not allow messages with absolute paths in them as this can permit a |
| + // renderer to coerce the browser to perform I/O on a renderer controlled |
| + // path. |
| + if (params.default_file_name.IsAbsolute()) { |
|
Lei Zhang
2015/01/05 22:43:55
Should we check and make sure the file name does n
|
| + GetProcess()->ReceivedBadMessage(); |
| + return; |
| + } |
| + |
| delegate_->RunFileChooser(this, params); |
| } |
