diff options
Diffstat (limited to 'content/llcache.c')
-rw-r--r-- | content/llcache.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/content/llcache.c b/content/llcache.c index 64e37915a..a7c8cbe06 100644 --- a/content/llcache.c +++ b/content/llcache.c @@ -1952,6 +1952,7 @@ nserror llcache_fetch_redirect(llcache_object *object, const char *target, const llcache_post_data *post = object->fetch.post; char *url, *absurl; char *scheme; + char *object_scheme; url_func_result result; /* Extract HTTP response code from the fetch object */ long http_code = fetch_http_code(object->fetch.fetch); @@ -1999,20 +2000,34 @@ nserror llcache_fetch_redirect(llcache_object *object, const char *target, return NSERROR_NOMEM; } - /* Ensure that redirects to file:/// don't happen */ - result = url_scheme(url, &scheme); + /* Ensure that redirects to file:/// only happen for valid schemes */ + result = url_scheme(object->url, &object_scheme); if (result != URL_FUNC_OK) { free(url); return NSERROR_NOMEM; } - if (strcasecmp(scheme, "file") == 0) { - free(scheme); + result = url_scheme(url, &scheme); + if (result != URL_FUNC_OK) { free(url); - return NSERROR_OK; + return NSERROR_NOMEM; + } + + /* resource is allowed to redirect anywhere */ + if ((strcasecmp(object_scheme, "resource") != 0) && + (strcasecmp(object_scheme, "about") != 0)) { + /* file, about and resource are not valid redirect targets */ + if ((strcasecmp(scheme, "file") == 0) || + (strcasecmp(scheme, "about") == 0) || + (strcasecmp(scheme, "resource") == 0)) { + free(scheme); + free(url); + return NSERROR_OK; + } } free(scheme); + free(object_scheme); /* Bail out if we've no way of handling this URL */ if (fetch_can_fetch(url) == false) { |