diff options
| author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-01 17:21:12 +0100 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-06 09:52:27 +0000 |
| commit | c0f8161a7658fe99ac69068201d39b8ec0d5a63d (patch) | |
| tree | dca1341e2fa5f050a4b4ee568ef731e057d65310 | |
| parent | 69210928ceaa813f988bcfd895537f819571cb7d (diff) | |
| download | qtwebengine-chromium-c0f8161a7658fe99ac69068201d39b8ec0d5a63d.tar.gz | |
[Backport] Fix for security issue 922677
Disable FileSystemManager::CreateWriter if WritableFiles isn't enabled.
TBR=mek@chromium.org
(cherry picked from commit f045c704568e9cf6279b3cbccbec6d86c35f8a13)
Bug: 922677
Change-Id: Ib16137cbabb2ec07f1ffc0484722f1d9cc533404
Reviewed-on: https://chromium-review.googlesource.com/c/1416570
Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
Reviewed-by: Victor Costan <pwnall@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#623552}
Reviewed-on: https://chromium-review.googlesource.com/c/1427044
Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
Cr-Commit-Position: refs/branch-heads/3626@{#755}
Cr-Branched-From: d897fb137fbaaa9355c0c93124cc048824eb1e65-refs/heads/master@{#612437}
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
| -rw-r--r-- | chromium/content/browser/fileapi/fileapi_message_filter.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/chromium/content/browser/fileapi/fileapi_message_filter.cc b/chromium/content/browser/fileapi/fileapi_message_filter.cc index 1e427681d69..0d375b53f8e 100644 --- a/chromium/content/browser/fileapi/fileapi_message_filter.cc +++ b/chromium/content/browser/fileapi/fileapi_message_filter.cc @@ -278,6 +278,11 @@ void FileAPIMessageFilter::OnCreate( int request_id, const GURL& path, bool exclusive, bool is_directory, bool recursive) { DCHECK_CURRENTLY_ON(BrowserThread::IO); + + // This depends on a default off feature not even introduced in Chromium 69: + // blink::features::kWritableFilesAPI. + return; + FileSystemURL url(context_->CrackURL(path)); if (!ValidateFileSystemURL(request_id, url)) return; |