Diff
Modified: trunk/Source/WebKit/ChangeLog (250156 => 250157)
--- trunk/Source/WebKit/ChangeLog 2019-09-20 21:45:53 UTC (rev 250156)
+++ trunk/Source/WebKit/ChangeLog 2019-09-20 21:49:30 UTC (rev 250157)
@@ -1,3 +1,24 @@
+2019-09-20 Tim Horton <timothy_hor...@apple.com>
+
+ Sanitize suggested filenames used for saving PDFs
+ https://bugs.webkit.org/show_bug.cgi?id=202034
+ <rdar://problem/53183075>
+
+ Reviewed by Chris Dumez.
+
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::didFinishLoadingDataForCustomContentProvider):
+ (WebKit::WebPageProxy::saveDataToFileInDownloadsFolder):
+ (WebKit::WebPageProxy::savePDFToFileInDownloadsFolder):
+ * UIProcess/WebPageProxy.h:
+ * UIProcess/ios/WebPageProxyIOS.mm:
+ (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted.
+ * UIProcess/mac/WebPageProxyMac.mm:
+ (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication):
+ (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted.
+ Sanitize suggested filenames to ensure that they comprise only one path component
+ when concatenated with their destination directory.
+
2019-09-20 Chris Dumez <cdu...@apple.com>
Add release logging for when a view is added / removed from a window
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (250156 => 250157)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-09-20 21:45:53 UTC (rev 250156)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2019-09-20 21:49:30 UTC (rev 250157)
@@ -7684,7 +7684,7 @@
void WebPageProxy::didFinishLoadingDataForCustomContentProvider(const String& suggestedFilename, const IPC::DataReference& dataReference)
{
- pageClient().didFinishLoadingDataForCustomContentProvider(suggestedFilename, dataReference);
+ pageClient().didFinishLoadingDataForCustomContentProvider(ResourceResponseBase::sanitizeSuggestedFilename(suggestedFilename), dataReference);
}
void WebPageProxy::backForwardRemovedItem(const BackForwardItemIdentifier& itemID)
@@ -7819,15 +7819,16 @@
void WebPageProxy::saveDataToFileInDownloadsFolder(String&& suggestedFilename, String&& mimeType, URL&& originatingURLString, API::Data& data)
{
- m_uiClient->saveDataToFileInDownloadsFolder(this, suggestedFilename, mimeType, originatingURLString, data);
+ m_uiClient->saveDataToFileInDownloadsFolder(this, ResourceResponseBase::sanitizeSuggestedFilename(suggestedFilename), mimeType, originatingURLString, data);
}
void WebPageProxy::savePDFToFileInDownloadsFolder(String&& suggestedFilename, URL&& originatingURL, const IPC::DataReference& dataReference)
{
- if (!suggestedFilename.endsWithIgnoringASCIICase(".pdf"))
+ String sanitizedFilename = ResourceResponseBase::sanitizeSuggestedFilename(suggestedFilename);
+ if (!sanitizedFilename.endsWithIgnoringASCIICase(".pdf"))
return;
- saveDataToFileInDownloadsFolder(WTFMove(suggestedFilename), "application/pdf"_s, WTFMove(originatingURL),
+ saveDataToFileInDownloadsFolder(WTFMove(sanitizedFilename), "application/pdf"_s, WTFMove(originatingURL),
API::Data::create(dataReference.data(), dataReference.size()).get());
}
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.h (250156 => 250157)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.h 2019-09-20 21:45:53 UTC (rev 250156)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.h 2019-09-20 21:49:30 UTC (rev 250157)
@@ -1193,7 +1193,6 @@
void saveDataToFileInDownloadsFolder(String&& suggestedFilename, String&& mimeType, URL&& originatingURL, API::Data&);
void savePDFToFileInDownloadsFolder(String&& suggestedFilename, URL&& originatingURL, const IPC::DataReference&);
#if PLATFORM(COCOA)
- void savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw(const String& suggestedFilename, const String& originatingURLString, const uint8_t* data, unsigned long size, const String& pdfUUID);
void savePDFToTemporaryFolderAndOpenWithNativeApplication(const String& suggestedFilename, const String& originatingURLString, const IPC::DataReference&, const String& pdfUUID);
void openPDFFromTemporaryFolderWithNativeApplication(const String& pdfUUID);
#endif
Modified: trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm (250156 => 250157)
--- trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm 2019-09-20 21:45:53 UTC (rev 250156)
+++ trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm 2019-09-20 21:49:30 UTC (rev 250157)
@@ -1045,11 +1045,6 @@
notImplemented();
}
-void WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw(const String&, const String&, const uint8_t*, unsigned long, const String&)
-{
- notImplemented();
-}
-
void WebPageProxy::openPDFFromTemporaryFolderWithNativeApplication(const String&)
{
notImplemented();
Modified: trunk/Source/WebKit/UIProcess/mac/WebPageProxyMac.mm (250156 => 250157)
--- trunk/Source/WebKit/UIProcess/mac/WebPageProxyMac.mm 2019-09-20 21:45:53 UTC (rev 250156)
+++ trunk/Source/WebKit/UIProcess/mac/WebPageProxyMac.mm 2019-09-20 21:49:30 UTC (rev 250157)
@@ -493,22 +493,23 @@
return path;
}
-void WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw(const String& suggestedFilename, const String& originatingURLString, const uint8_t* data, unsigned long size, const String& pdfUUID)
+void WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication(const String& suggestedFilename, const String& originatingURLString, const IPC::DataReference& data, const String& pdfUUID)
{
// FIXME: Write originatingURLString to the file's originating URL metadata (perhaps FileSystem::setMetadataURL()?).
UNUSED_PARAM(originatingURLString);
- if (!suggestedFilename.endsWithIgnoringASCIICase(".pdf")) {
- WTFLogAlways("Cannot save file without .pdf extension to the temporary directory.");
+ if (data.isEmpty()) {
+ WTFLogAlways("Cannot save empty PDF file to the temporary directory.");
return;
}
- if (!size) {
- WTFLogAlways("Cannot save empty PDF file to the temporary directory.");
+ auto sanitizedFilename = ResourceResponseBase::sanitizeSuggestedFilename(suggestedFilename);
+ if (!sanitizedFilename.endsWithIgnoringASCIICase(".pdf")) {
+ WTFLogAlways("Cannot save file without .pdf extension to the temporary directory.");
return;
}
- NSString *nsPath = pathToPDFOnDisk(suggestedFilename);
+ NSString *nsPath = pathToPDFOnDisk(sanitizedFilename);
if (!nsPath)
return;
@@ -515,10 +516,10 @@
RetainPtr<NSNumber> permissions = adoptNS([[NSNumber alloc] initWithInt:S_IRUSR]);
RetainPtr<NSDictionary> fileAttributes = adoptNS([[NSDictionary alloc] initWithObjectsAndKeys:permissions.get(), NSFilePosixPermissions, nil]);
- RetainPtr<NSData> nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:(void*)data length:size freeWhenDone:NO]);
+ RetainPtr<NSData> nsData = adoptNS([[NSData alloc] initWithBytesNoCopy:(void*)data.data() length:data.size() freeWhenDone:NO]);
if (![[NSFileManager defaultManager] createFileAtPath:nsPath contents:nsData.get() attributes:fileAttributes.get()]) {
- WTFLogAlways("Cannot create PDF file in the temporary directory (%s).", suggestedFilename.utf8().data());
+ WTFLogAlways("Cannot create PDF file in the temporary directory (%s).", sanitizedFilename.utf8().data());
return;
}
@@ -527,16 +528,6 @@
[[NSWorkspace sharedWorkspace] openFile:nsPath];
}
-void WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication(const String& suggestedFilename, const String& originatingURLString, const IPC::DataReference& data, const String& pdfUUID)
-{
- if (data.isEmpty()) {
- WTFLogAlways("Cannot save empty PDF file to the temporary directory.");
- return;
- }
-
- savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw(suggestedFilename, originatingURLString, data.data(), data.size(), pdfUUID);
-}
-
void WebPageProxy::openPDFFromTemporaryFolderWithNativeApplication(const String& pdfUUID)
{
String pdfFilename = m_temporaryPDFFiles.get(pdfUUID);
