author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-13 11:10:46 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-13 12:02:21 +0000 |
commit | 42b4075a690d594876a71f0a835e83ee50c10500 (patch) | |
tree | d39f92fd1ed00ece26af46608e13ba88d88e64ec /chromium | |
parent | 297b64d3d7d7134f877b664ca60b22abe13a0fd2 (diff) | |
download | qtwebengine-chromium-42b4075a690d594876a71f0a835e83ee50c10500.tar.gz |
[Backport] Fix for CVE-2019-5783
[DevTools] Fix request preview for URI encoded html
Bug: 895081
Change-Id: I49c6131e1cc432e470e4b04353282d3ebebcb063
Reviewed-on: https://chromium-review.googlesource.com/c/1286758
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Joey Arhar <jarhar@chromium.org>
Cr-Commit-Position: refs/heads/master@{#601792}
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Diffstat (limited to 'chromium')
-rw-r--r-- | chromium/third_party/blink/renderer/devtools/front_end/network/RequestHTMLView.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/chromium/third_party/blink/renderer/devtools/front_end/network/RequestHTMLView.js b/chromium/third_party/blink/renderer/devtools/front_end/network/RequestHTMLView.js
index 6108fd709d4..e2b85ba9af8 100644
--- a/chromium/third_party/blink/renderer/devtools/front_end/network/RequestHTMLView.js
+++ b/chromium/third_party/blink/renderer/devtools/front_end/network/RequestHTMLView.js
@@ -63,7 +63,7 @@ Network.RequestHTMLView = class extends UI.VBox {
 const iframe = createElement('iframe');
 iframe.className = 'html-preview-frame';
 iframe.setAttribute('sandbox', ''); // Forbid to run JavaScript and set unique origin.
- iframe.setAttribute('src', this._dataURL);
+ iframe.setAttribute('src', encodeURI(this._dataURL));
 iframe.setAttribute('tabIndex', -1);
 this.contentElement.appendChild(iframe);
 } |
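Review bot: The new `encodeURI(this._dataURL)` on the `src` line carries no comment saying why the escaping is there, so the sandbox comment one line up is the only security rationale a reader gets. Going by the commit title, the intent is presumably that percent-sequences in the response body reach the frame literally instead of being decoded by the data: URL parser; a comment such as `// Escape the URL so URI-encoded response content is previewed verbatim, not decoded.` would record that. Two limits of `encodeURI` are worth checking against how `_dataURL` is built, which is outside this hunk: it leaves `#` unescaped, so a non-base64 payload containing `#` would still be cut off at the fragment, and it throws `URIError` on an unpaired surrogate, which would abort the preview. The enclosing method starts before the hunk.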