RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 16:02:45 +00:00
Code Issues Activity Actions

LibWeb: Reject iframing file:// URLs if document is not a file:// URL

Browse source
This commit is contained in:
Brendan Coles 2020-11-07 09:51:22 +00:00 committed by Andreas Kling
parent 8928607455
commit a950d3dd5f
1 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Libraries/LibWeb/HTML/HTMLIFrameElement.cpp
View file

@ -74,13 +74,17 @@ void HTMLIFrameElement::document_will_detach_from_frame(Frame&)
void HTMLIFrameElement::load_src(const String& value)
{
dbg() << "Loading iframe document from " << value;
auto url = document().complete_url(value);
if (!url.is_valid()) {
dbg() << "Actually no I'm not, because the URL is not valid :(";
dbg() << "iframe failed to load URL: Invalid URL: " << value;
return;
}
if (url.protocol() == "file" && content_origin().protocol() != "file") {
dbg() << "iframe failed to load URL: Security violation: " << document().url() << " may not load " << value;
return;
}
dbg() << "Loading iframe document from " << value;
m_content_frame->loader().load(url, FrameLoader::Type::IFrame);
}