From a763e36d2e81827396a1ca32db4cd77e0e70a61f Mon Sep 17 00:00:00 2001
From: John Mark Bell <jmb@netsurf-browser.org>
Date: Wed, 4 Mar 2009 13:29:54 +0000
Subject: It's probably a good idea not to redirect to file:/// URLs

svn path=/trunk/netsurf/; revision=6695
---
 content/fetchcache.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'content')

diff --git a/content/fetchcache.c b/content/fetchcache.c
index 45aa9748e..a606be6d5 100644
--- a/content/fetchcache.c
+++ b/content/fetchcache.c
@@ -940,6 +940,7 @@ void fetchcache_redirect(struct content *c, const void *data,
 {
 	char *url, *url1;
 	char *referer, *parent_url;
+	char *scheme;
 	long http_code;
 	const char *ref;
 	const char *parent;
@@ -1065,6 +1066,31 @@ void fetchcache_redirect(struct content *c, const void *data,
 	/* No longer need url1 */
 	free(url1);
 
+	/* Ensure that redirects to file:/// URLs are trapped */
+	result = url_scheme(url, &scheme);
+	if (result != URL_FUNC_OK) {
+		msg_data.error = messages_get("BadRedirect");
+		content_broadcast(c, CONTENT_MSG_ERROR, msg_data);
+
+		free(url);
+		free(parent_url);
+		free(referer);
+		return;
+	}
+
+	if (strcasecmp(scheme, "file") == 0) {
+		msg_data.error = messages_get("BadRedirect");
+		content_broadcast(c, CONTENT_MSG_ERROR, msg_data);
+
+		free(scheme);
+		free(url);
+		free(parent_url);
+		free(referer);
+		return;
+	}
+
+	free(scheme); 
+	
 	/* Determine if we've got a fetch handler for this url */
 	can_fetch = fetch_can_fetch(url);
 
-- 
cgit v1.2.3