[webkit-changes] [128050] trunk/Source/WebKit2

[carlosgc]

Title: [128050] trunk/Source/WebKit2

Revision

128050

Author

carlo...@webkit.org

Date

2012-09-10 06:06:30 -0700 (Mon, 10 Sep 2012)

Log Message

[GTK] Sanitize the suggested filename when building the download destination URI
https://bugs.webkit.org/show_bug.cgi?id=96260

Reviewed by Gustavo Noronha Silva.

The suggested filename returned by the server can contain
directory separators so that the filename would be interpreted as
a full path.

* UIProcess/API/gtk/WebKitDownload.cpp:
(webkitDownloadDecideDestination): Convert any directory separator
contained in the suggested filename to an underscore.

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/UIProcess/API/gtk/WebKitDownload.cpp

Diff

Modified: trunk/Source/WebKit2/ChangeLog (128049 => 128050)

--- trunk/Source/WebKit2/ChangeLog	2012-09-10 12:57:03 UTC (rev 128049)
+++ trunk/Source/WebKit2/ChangeLog	2012-09-10 13:06:30 UTC (rev 128050)
@@ -1,3 +1,18 @@
+2012-09-10  Carlos Garcia Campos  <cgar...@igalia.com>
+
+        [GTK] Sanitize the suggested filename when building the download destination URI
+        https://bugs.webkit.org/show_bug.cgi?id=96260
+
+        Reviewed by Gustavo Noronha Silva.
+
+        The suggested filename returned by the server can contain
+        directory separators so that the filename would be interpreted as
+        a full path.
+
+        * UIProcess/API/gtk/WebKitDownload.cpp:
+        (webkitDownloadDecideDestination): Convert any directory separator
+        contained in the suggested filename to an underscore.
+
 2012-09-10  Simon Hausmann  <simon.hausm...@nokia.com>
 
         [Qt] Fix generation of forward headers for generated files in WebCore on Windows

Modified: trunk/Source/WebKit2/UIProcess/API/gtk/WebKitDownload.cpp (128049 => 128050)

--- trunk/Source/WebKit2/UIProcess/API/gtk/WebKitDownload.cpp	2012-09-10 12:57:03 UTC (rev 128049)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/WebKitDownload.cpp	2012-09-10 13:06:30 UTC (rev 128050)
@@ -98,7 +98,9 @@
 {
     if (!download->priv->destinationURI.isNull())
         return FALSE;
-    GOwnPtr<char> destination(g_build_filename(g_get_user_special_dir(G_USER_DIRECTORY_DOWNLOAD), suggestedFilename, NULL));
+
+    GOwnPtr<char> filename(g_strdelimit(g_strdup(suggestedFilename), G_DIR_SEPARATOR_S, '_'));
+    GOwnPtr<char> destination(g_build_filename(g_get_user_special_dir(G_USER_DIRECTORY_DOWNLOAD), filename.get(), NULL));
     GOwnPtr<char> destinationURI(g_filename_to_uri(destination.get(), 0, 0));
     download->priv->destinationURI = destinationURI.get();
     g_object_notify(G_OBJECT(download), "destination");

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes