diff options
| author | Moonchild <moonchild@palemoon.org> | 2020-08-13 12:10:54 +0000 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2020-08-13 12:10:54 +0000 |
| commit | 11285cd0d6ef7de80d22187b99376602ed547214 (patch) | |
| tree | 034c72eea2e7838b08abd00f37acf8e3c9e97949 /uriloader | |
| parent | e1e535c1c6372f95b4a14b6a00b6d6e7be400c3b (diff) | |
| parent | d3383327a749ddb5c0626146c6f83bdfa3ea9936 (diff) | |
| download | UXP-11285cd0d6ef7de80d22187b99376602ed547214.tar UXP-11285cd0d6ef7de80d22187b99376602ed547214.tar.gz UXP-11285cd0d6ef7de80d22187b99376602ed547214.tar.lz UXP-11285cd0d6ef7de80d22187b99376602ed547214.tar.xz UXP-11285cd0d6ef7de80d22187b99376602ed547214.zip | |
Merge branch 'master' into es-modules-work
Diffstat (limited to 'uriloader')
| -rw-r--r-- | uriloader/exthandler/nsExternalHelperAppService.cpp | 9 | ||||
| -rw-r--r-- | uriloader/prefetch/nsOfflineCacheUpdate.cpp | 8 |
2 files changed, 14 insertions, 3 deletions
diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 49a54ea5f..0ca3d7edf 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -1181,9 +1181,12 @@ nsExternalAppHandler::nsExternalAppHandler(nsIMIMEInfo * aMIMEInfo, mTempFileExtension = char16_t('.'); AppendUTF8toUTF16(aTempFileExtension, mTempFileExtension); - // replace platform specific path separator and illegal characters to avoid any confusion - mSuggestedFileName.ReplaceChar(KNOWN_PATH_SEPARATORS FILE_ILLEGAL_CHARACTERS, '_'); - mTempFileExtension.ReplaceChar(KNOWN_PATH_SEPARATORS FILE_ILLEGAL_CHARACTERS, '_'); + // Replace platform specific path separator and illegal characters to avoid any confusion + mSuggestedFileName.ReplaceChar(KNOWN_PATH_SEPARATORS, '_'); + mSuggestedFileName.ReplaceChar(FILE_ILLEGAL_CHARACTERS, ' '); + mSuggestedFileName.ReplaceChar(char16_t(0), '_'); + mTempFileExtension.ReplaceChar(KNOWN_PATH_SEPARATORS, '_'); + mTempFileExtension.ReplaceChar(FILE_ILLEGAL_CHARACTERS, ' '); // Remove unsafe bidi characters which might have spoofing implications (bug 511521). const char16_t unsafeBidiCharacters[] = { diff --git a/uriloader/prefetch/nsOfflineCacheUpdate.cpp b/uriloader/prefetch/nsOfflineCacheUpdate.cpp index 4b6cd4d0c..8a4183429 100644 --- a/uriloader/prefetch/nsOfflineCacheUpdate.cpp +++ b/uriloader/prefetch/nsOfflineCacheUpdate.cpp @@ -948,6 +948,14 @@ nsOfflineManifestItem::HandleManifestLine(const nsCString::const_iterator &aBegi mStrictFileOriginPolicy)) break; + // Check fallback path for disallowed encoded path separators
+ nsAutoCString path;
+ fallbackURI->GetFilePath(path);
+ if (path.Find("%2f") != kNotFound || path.Find("%2F") != kNotFound) {
+ LogToConsole("Offline cache manifest bad fallback path", this);
+ break;
+ }
+ mFallbackURIs.AppendObject(fallbackURI); AddNamespace(nsIApplicationCacheNamespace::NAMESPACE_FALLBACK, |