From aa76fb175400f2a7791357fcdd83be49914c3892 Mon Sep 17 00:00:00 2001 From: John Mark Bell Date: Tue, 3 Jan 2006 23:26:58 +0000 Subject: [project @ 2006-01-03 23:26:58 by jmb] Detect and prevent self-referential redirects. This is not a complete solution as it does not handle the likes of page1 -> page2 -> page1 -> ... To solve that probably requires counting the number of redirects a given fetch has made and then bailing once it exceeds some fixed value. From what I can see at present, this will have to be done at the top-level (i.e. browser_window_callback and suchlike). svn path=/import/netsurf/; revision=1978 --- content/fetchcache.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'content/fetchcache.c') diff --git a/content/fetchcache.c b/content/fetchcache.c index c58d9d34f..a7e68ee97 100644 --- a/content/fetchcache.c +++ b/content/fetchcache.c @@ -307,8 +307,20 @@ void fetchcache_callback(fetch_msg msg, void *p, const char *data, * destroyed in content_clean() */ c->status = CONTENT_STATUS_ERROR; if (result == URL_FUNC_OK) { - msg_data.redirect = url; - content_broadcast(c, CONTENT_MSG_REDIRECT, msg_data); + /* check that we're not attempting to + * redirect to the same URL */ + if (strcasecmp(c->url, url) == 0) { + msg_data.error = + messages_get("BadRedirect"); + content_broadcast(c, + CONTENT_MSG_ERROR, msg_data); + } + else { + msg_data.redirect = url; + content_broadcast(c, + CONTENT_MSG_REDIRECT, + msg_data); + } free(url); } else { msg_data.error = messages_get("BadRedirect"); -- cgit v1.2.3