diff options
author | John Mark Bell <jmb@netsurf-browser.org> | 2010-04-11 14:06:02 +0000 |
---|---|---|
committer | John Mark Bell <jmb@netsurf-browser.org> | 2010-04-11 14:06:02 +0000 |
commit | 863d5c77c31ed01001c2671b90741e964f6f98db (patch) | |
tree | ca04a7d9a5ce04ae1b6a3c5c41172c5be3728179 /content | |
parent | 40bac34ffd6d0e0483defd0ffe233648e0e7faa6 (diff) | |
download | netsurf-863d5c77c31ed01001c2671b90741e964f6f98db.tar.gz netsurf-863d5c77c31ed01001c2671b90741e964f6f98db.tar.bz2 |
Forbid redirects to file:/// URLs
svn path=/trunk/netsurf/; revision=10352
Diffstat (limited to 'content')
-rw-r--r-- | content/llcache.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/content/llcache.c b/content/llcache.c index b09f1bab6..aee22c585 100644 --- a/content/llcache.c +++ b/content/llcache.c @@ -1590,6 +1590,7 @@ nserror llcache_fetch_redirect(llcache_object *object, const char *target, llcache_object_user *user, *next; const llcache_post_data *post = object->fetch.post; char *url, *absurl; + char *scheme; url_func_result result; /* Extract HTTP response code from the fetch object */ long http_code = fetch_http_code(object->fetch.fetch); @@ -1640,7 +1641,20 @@ nserror llcache_fetch_redirect(llcache_object *object, const char *target, return NSERROR_NOMEM; } - /** \todo Ensure that redirects to file:/// don't happen? */ + /* Ensure that redirects to file:/// don't happen */ + result = url_scheme(url, &scheme); + if (result != URL_FUNC_OK) { + free(url); + return NSERROR_NOMEM; + } + + if (strcasecmp(scheme, "file") == 0) { + free(scheme); + free(url); + return NSERROR_OK; + } + + free(scheme); /* Bail out if we've no way of handling this URL */ if (fetch_can_fetch(url) == false) { |