diff options
author | Danil Somsikov <dsv@chromium.org> | 2023-03-24 13:50:43 +0100 |
---|---|---|
committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2023-05-02 08:58:31 +0000 |
commit | a99df132095a77867b52ce933161380a88eaf245 (patch) | |
tree | 1cadca7f89b457efd88f324e7bd002eb09fa6870 | |
parent | 77e9a6c5028a9712490d65214a9882143c329ec5 (diff) | |
download | qtwebengine-chromium-a99df132095a77867b52ce933161380a88eaf245.tar.gz |
[Backport] CVE-2023-1813: Inappropriate implementation in Extensions
Manual cherry-pick of patch originally reviewed on
Use built-in URL class instead of string comparison in file URL check.
Bug: 1423258
Change-Id: Ie6ea865fbe363c138b372d45d98daf1db6434671
Reviewed-on: https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/4370246
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/474366
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r-- | chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts b/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts index 108caac7823..7159168d81c 100644 --- a/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts +++ b/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts @@ -1138,7 +1138,11 @@ self.injectedExtensionAPI = function( } function canAccessResource(resource: APIImpl.ResourceData): boolean { - return extensionInfo.allowFileAccess || !resource.url.startsWith('file://'); + try { + return extensionInfo.allowFileAccess || (new URL(resource.url)).protocol !== 'file:'; + } catch (e) { + return false; + } } function InspectedWindow(this: PublicAPI.Chrome.DevTools.InspectedWindow): void { |