LibWeb: Add port blacklist for ResourceLoader::load

`ResourceLoader::load` now rejects URLs which specify a `port` associated with network services known to be vulnerable to inter-protocol exploitation. Fixes #1735
2025-05-31 20:28:11 +00:00 · 2020-04-12 04:01:34 +00:00 · 2020-04-12 04:01:34 +00:00 · 2d699cd5da
commit 2d699cd5da
parent c8d0a2eb3c
2 changed files with 18 additions and 0 deletions
--- a/Libraries/LibWeb/ResourceLoader.h
+++ b/Libraries/LibWeb/ResourceLoader.h
@ -55,6 +55,7 @@ private:

    Protocol::Client& protocol_client() { return *m_protocol_client; }
    RefPtr<Protocol::Client> m_protocol_client;
+    bool is_port_blocked(int port);
 };

 }