summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorJohn Mark Bell <jmb@netsurf-browser.org>2009-03-04 13:29:54 +0000
committerJohn Mark Bell <jmb@netsurf-browser.org>2009-03-04 13:29:54 +0000
commita763e36d2e81827396a1ca32db4cd77e0e70a61f (patch)
tree8e27cc1099aba23d591937a0fdc9e1b8e07933e7 /content
parentb833e5a727051955f7dea9fede75862befcd5d44 (diff)
downloadnetsurf-a763e36d2e81827396a1ca32db4cd77e0e70a61f.tar.gz
netsurf-a763e36d2e81827396a1ca32db4cd77e0e70a61f.tar.bz2
It's probably a good idea not to redirect to file:/// URLs
svn path=/trunk/netsurf/; revision=6695
Diffstat (limited to 'content')
-rw-r--r--content/fetchcache.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/content/fetchcache.c b/content/fetchcache.c
index 45aa9748e..a606be6d5 100644
--- a/content/fetchcache.c
+++ b/content/fetchcache.c
@@ -940,6 +940,7 @@ void fetchcache_redirect(struct content *c, const void *data,
{
char *url, *url1;
char *referer, *parent_url;
+ char *scheme;
long http_code;
const char *ref;
const char *parent;
@@ -1065,6 +1066,31 @@ void fetchcache_redirect(struct content *c, const void *data,
/* No longer need url1 */
free(url1);
+ /* Ensure that redirects to file:/// URLs are trapped */
+ result = url_scheme(url, &scheme);
+ if (result != URL_FUNC_OK) {
+ msg_data.error = messages_get("BadRedirect");
+ content_broadcast(c, CONTENT_MSG_ERROR, msg_data);
+
+ free(url);
+ free(parent_url);
+ free(referer);
+ return;
+ }
+
+ if (strcasecmp(scheme, "file") == 0) {
+ msg_data.error = messages_get("BadRedirect");
+ content_broadcast(c, CONTENT_MSG_ERROR, msg_data);
+
+ free(scheme);
+ free(url);
+ free(parent_url);
+ free(referer);
+ return;
+ }
+
+ free(scheme);
+
/* Determine if we've got a fetch handler for this url */
can_fetch = fetch_can_fetch(url);