Changeset 212972 in webkit
- Timestamp: Feb 24, 2017 4:02:24 PM (7 years ago)
- Location: trunk
- Files: 6 added, 9 edited
trunk/LayoutTests/ChangeLog
r212966 r212972 1 2017-02-24 Chris Dumez <cdumez@apple.com> 2 3 Download attribute should be sanitized before being used as suggested filename 4 https://bugs.webkit.org/show_bug.cgi?id=168839 5 <rdar://problem/30683109> 6 7 Reviewed by Darin Adler. 8 9 Add layout test coverage. 10 11 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote-expected.txt: Added. 12 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html: Added. 13 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes-expected.txt: Added. 14 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html: Added. 15 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode-expected.txt: Added. 16 * fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html: Added. 17 * platform/ios-simulator-wk1/TestExpectations: 18 * platform/ios-simulator-wk2/TestExpectations: 19 * platform/mac-wk1/TestExpectations: 20 * platform/win/TestExpectations: 21 1 22 2017-02-24 Antti Koivisto <antti@apple.com> 2 23 -
trunk/LayoutTests/platform/ios-simulator-wk1/TestExpectations
r212235 r212972 1328 1328 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html [ Skip ] 1329 1329 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download.html [ Skip ] 1330 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html [ Skip ] 1331 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html [ Skip ] 1332 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html [ Skip ] 1330 1333 webkit.org/b/156069 http/tests/download/area-download.html [ Skip ] 1331 1334 webkit.org/b/156069 http/tests/security/anchor-download-allow-blob.html [ Skip ] -
trunk/LayoutTests/platform/ios-simulator-wk2/TestExpectations
r212812 r212972 1816 1816 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-convert-to-download.html [ Skip ] 1817 1817 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-download.html [ Skip ] 1818 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html [ Skip ] 1819 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html [ Skip ] 1820 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html [ Skip ] 1818 1821 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-file-blob-download-no-extension.html [ Skip ] 1819 1822 webkit.org/b/156067 fast/dom/HTMLAnchorElement/anchor-nodownload-set.html [ Skip ] -
trunk/LayoutTests/platform/mac-wk1/TestExpectations
r212812 r212972 215 215 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html [ Skip ] 216 216 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download.html [ Skip ] 217 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html [ Skip ] 218 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html [ Skip ] 219 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html [ Skip ] 217 220 webkit.org/b/156069 fast/dom/HTMLAnchorElement/anchor-file-blob-download-no-extension.html [ Skip ] 218 221 webkit.org/b/156069 http/tests/download/anchor-download-no-extension.html [ Skip ] -
trunk/LayoutTests/platform/win/TestExpectations
r212944 r212972 446 446 fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html [ Skip ] 447 447 fast/dom/HTMLAnchorElement/anchor-file-blob-download.html [ Skip ] 448 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html [ Skip ] 449 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html [ Skip ] 450 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html [ Skip ] 448 451 fast/dom/HTMLAnchorElement/anchor-file-blob-download-no-extension.html [ Skip ] 449 452 http/tests/download/anchor-download-no-extension.html [ Skip ] -
trunk/Source/WebCore/ChangeLog
r212968 r212972 1 2017-02-24 Chris Dumez <cdumez@apple.com> 2 3 Download attribute should be sanitized before being used as suggested filename 4 https://bugs.webkit.org/show_bug.cgi?id=168839 5 <rdar://problem/30683109> 6 7 Reviewed by Darin Adler. 8 9 Sanitize Download attribute before using it as a suggested filename for the download. 10 We rely on ResourceResponse's sanitizing of the suggested filename to do so, which has 11 the benefit of being consistent with downloads without the download attribute. 12 13 Tests: fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-doublequote.html 14 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-slashes.html 15 fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-unicode.html 16 17 * html/HTMLAnchorElement.cpp: 18 (WebCore::HTMLAnchorElement::handleClick): 19 * platform/network/ResourceResponseBase.cpp: 20 (WebCore::ResourceResponseBase::sanitizeSuggestedFilename): 21 * platform/network/ResourceResponseBase.h: 22 1 23 2017-02-24 Miguel Gomez <magomez@igalia.com> 2 24 -
trunk/Source/WebCore/html/HTMLAnchorElement.cpp
r211964 r212972 376 376 URL completedURL = document().completeURL(url.toString()); 377 377 378 auto downloadAttribute = nullAtom;378 String downloadAttribute; 379 379 #if ENABLE(DOWNLOAD_ATTRIBUTE) 380 380 if (RuntimeEnabledFeatures::sharedFeatures().downloadAttributeEnabled()) { … … 382 382 bool isSameOrigin = completedURL.protocolIsData() || document().securityOrigin().canRequest(completedURL); 383 383 if (isSameOrigin) 384 downloadAttribute = attributeWithoutSynchronization(downloadAttr);384 downloadAttribute = ResourceResponse::sanitizeSuggestedFilename(attributeWithoutSynchronization(downloadAttr)); 385 385 else if (hasAttributeWithoutSynchronization(downloadAttr)) 386 386 document().addConsoleMessage(MessageSource::Security, MessageLevel::Warning, "The download attribute on anchor was ignored because its href URL has a different security origin."); -
trunk/Source/WebCore/platform/network/ResourceResponseBase.cpp
r212944 r212972 225 225 } 226 226 227 String ResourceResponseBase::sanitizeSuggestedFilename(const String& suggestedFilename) 228 { 229 if (suggestedFilename.isEmpty()) 230 return suggestedFilename; 231 232 ResourceResponse response(URL(ParsedURLString, "http://example.com"), String(), -1, String()); 233 response.setHTTPStatusCode(200); 234 String escapedSuggestedFilename = String(suggestedFilename).replace('\"', "\\\""); 235 String value = makeString("attachment; filename=\"", escapedSuggestedFilename, '"'); 236 response.setHTTPHeaderField(HTTPHeaderName::ContentDisposition, value); 237 return response.suggestedFilename(); 238 } 239 227 240 bool ResourceResponseBase::isSuccessful() const 228 241 { -
trunk/Source/WebCore/platform/network/ResourceResponseBase.h
r212944 r212972 115 115 WEBCORE_EXPORT bool isAttachment() const; 116 116 WEBCORE_EXPORT String suggestedFilename() const; 117 WEBCORE_EXPORT static String sanitizeSuggestedFilename(const String&); 117 118 118 119 WEBCORE_EXPORT void includeCertificateInfo() const;
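Review bot: The three new anchor-file-blob-download-includes-* tests are marked [ Skip ] in every TestExpectations file this change touches (ios-simulator-wk1, ios-simulator-wk2, mac-wk1, win), so on those configurations nothing exercises the new sanitizing path. Since sanitizeSuggestedFilename() is a static function that needs no document or click, consider adding a direct test of it with the same three inputs (double quote, slashes, unicode), so the sanitizer is covered where the layout tests cannot run.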
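Review bot: In HTMLAnchorElement::handleClick (HTMLAnchorElement.cpp, new line 384) the sanitizer's return value is assigned straight to downloadAttribute, with no check for a non-empty attribute coming back null or empty. sanitizeSuggestedFilename() returns whatever response.suggestedFilename() produces, so if that yields nothing for a given input, the code after this hunk cannot distinguish "download attribute present but unusable" from "no download attribute". Either track presence separately (hasAttributeWithoutSynchronization(downloadAttr) is already used in the else branch) or state in a comment which behaviour is intended in that case.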
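Review bot: In ResourceResponseBase::sanitizeSuggestedFilename (ResourceResponseBase.cpp, new lines 227-238) only the double quote is escaped before the attribute value is wrapped in filename="...": `String(suggestedFilename).replace('\"', "\\\"")`. A backslash in the input is copied through unchanged, so an attribute ending in `\` places that backslash directly before the closing `"`, and an input containing `\"` becomes `\\"`; in both cases the quoted string that reaches the Content-Disposition parser no longer has the boundaries this function intended. Escape `\` before escaping `"`, decide what to do with CR and LF in the attribute, and add a test with a trailing backslash next to the doublequote one. A short comment explaining that the ResourceResponse for http://example.com is a throwaway object used only to reach suggestedFilename() would also help the next reader.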