Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1623)

Unified Diff: Source/platform/network/HTTPParsers.cpp

Issue 90993003: X-XSS-Protection parser shoud reject '0; mode=block' (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/platform/network/HTTPParsers.cpp
diff --git a/Source/platform/network/HTTPParsers.cpp b/Source/platform/network/HTTPParsers.cpp
index 772188d21ae5cd135882ab668c53a9a25f92c082..32f1dc97cd6324fc21469142d1c5c8cc893a0fc4 100644
--- a/Source/platform/network/HTTPParsers.cpp
+++ b/Source/platform/network/HTTPParsers.cpp
@@ -355,6 +355,7 @@ void findCharsetInMediaType(const String& mediaType, unsigned& charsetPos, unsig
ReflectedXSSDisposition parseXSSProtectionHeader(const String& header, String& failureReason, unsigned& failurePosition, String& reportURL)
{
DEFINE_STATIC_LOCAL(String, failureReasonInvalidToggle, ("expected 0 or 1"));
+ DEFINE_STATIC_LOCAL(String, failureReasonInvalidDisable, ("'0' disables protections, and may not be followed by any characters"));
DEFINE_STATIC_LOCAL(String, failureReasonInvalidSeparator, ("expected semicolon"));
DEFINE_STATIC_LOCAL(String, failureReasonInvalidEquals, ("expected equals sign"));
DEFINE_STATIC_LOCAL(String, failureReasonInvalidMode, ("invalid mode directive"));
@@ -368,8 +369,14 @@ ReflectedXSSDisposition parseXSSProtectionHeader(const String& header, String& f
if (!skipWhiteSpace(header, pos, false))
return ReflectedXSSUnset;
- if (header[pos] == '0')
- return AllowReflectedXSS;
+ if (header[pos] == '0') {
+ pos++;
+ skipWhiteSpace(header, pos, false);
+ if (pos == header.length())
+ return AllowReflectedXSS;
Tom Sepez 2013/11/28 00:09:15 I'm almost inclined to suggest getting rid of the
+ failureReason = failureReasonInvalidDisable;
+ return ReflectedXSSInvalid;
+ }
if (header[pos++] != '1') {
failureReason = failureReasonInvalidToggle;
« no previous file with comments | « LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698