diff options
author | Jan-Michael Brummer <jan.brummer@tabos.org> | 2019-05-02 21:54:37 +0200 |
---|---|---|
committer | Jan-Michael Brummer <jan.brummer@tabos.org> | 2019-05-03 09:14:50 +0000 |
commit | b6deb6e58ed528ef824593d4058d43f120fcfd8d (patch) | |
tree | 12230de7db26a173958496acc7db9ae6deba6f9f /lib | |
parent | ef9cf0172ef8928d0951a44a25e0f68ee0e14b8a (diff) | |
download | epiphany-b6deb6e58ed528ef824593d4058d43f120fcfd8d.tar.gz |
Extend ephy_web_application_is_uri_allowed () to check for data: and blob: uri
Fixes: https://gitlab.gnome.org/GNOME/epiphany/issues/593
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ephy-web-app-utils.c | 31 | ||||
-rw-r--r-- | lib/ephy-web-app-utils.h | 2 |
2 files changed, 31 insertions, 2 deletions
diff --git a/lib/ephy-web-app-utils.c b/lib/ephy-web-app-utils.c index 97f3f2420..63596f0b9 100644 --- a/lib/ephy-web-app-utils.c +++ b/lib/ephy-web-app-utils.c @@ -759,14 +759,43 @@ ephy_web_application_initialize_settings (const char *profile_directory) g_free (name); } +static gboolean +urls_have_same_origin (const char *a_url, + const char *b_url) +{ + SoupURI *a_uri, *b_uri; + gboolean retval = FALSE; + + a_uri = soup_uri_new (a_url); + if (!a_uri) + return retval; + + b_uri = soup_uri_new (b_url); + if (b_uri) { + retval = a_uri->host && b_uri->host && soup_uri_host_equal (a_uri, b_uri); + soup_uri_free (b_uri); + } + + soup_uri_free (a_uri); + + return retval; +} + gboolean -ephy_web_application_is_uri_allowed (const char* uri) +ephy_web_application_is_uri_allowed (const char *uri, + const char *referrer) { SoupURI *request_uri; char **urls; guint i; gboolean matched = FALSE; + if (g_str_has_prefix (uri, "blob:") || g_str_has_prefix (uri, "data:")) + return TRUE; + + if (urls_have_same_origin (uri, referrer)) + return TRUE; + if (g_strcmp0 (uri, "about:blank") == 0) return TRUE; diff --git a/lib/ephy-web-app-utils.h b/lib/ephy-web-app-utils.h index 18cba3939..3080f9970 100644 --- a/lib/ephy-web-app-utils.h +++ b/lib/ephy-web-app-utils.h @@ -67,7 +67,7 @@ void ephy_web_application_free_application_list (GList *list); void ephy_web_application_initialize_settings (const char *profile_directory); -gboolean ephy_web_application_is_uri_allowed (const char* uri); +gboolean ephy_web_application_is_uri_allowed (const char *uri, const char *referrer); gboolean ephy_web_application_save (EphyWebApplication *app); |