[epiphany] Trust localhost ip address as EPHY_SECURITY_LEVEL_LOCAL_PAGE
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany] Trust localhost ip address as EPHY_SECURITY_LEVEL_LOCAL_PAGE
- Date: Thu, 27 Dec 2018 16:11:28 +0000 (UTC)
commit 39c84c8fcdd087673786b38293471867d495f289
Author: Jan-Michael Brummer <jan brummer tabos org>
Date: Tue Dec 25 13:35:51 2018 +0100
Trust localhost ip address as EPHY_SECURITY_LEVEL_LOCAL_PAGE
Fixes: https://gitlab.gnome.org/GNOME/epiphany/issues/410
embed/ephy-web-view.c | 3 +++
embed/web-extension/resources/js/ephy.js | 4 +++-
2 files changed, 6 insertions(+), 1 deletion(-)
---
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 0058d82ac..8aa412149 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -1853,6 +1853,9 @@ update_security_status_for_committed_load (EphyWebView *view,
if (!soup_uri ||
strcmp (soup_uri_get_scheme (soup_uri), EPHY_VIEW_SOURCE_SCHEME) == 0 ||
+ // Warning: we do not whitelist localhost because it could be redirected by DNS.
+ g_strcmp0 (soup_uri_get_host (soup_uri), "127.0.0.1") == 0 ||
+ g_strcmp0 (soup_uri_get_host (soup_uri), "::1") == 0 ||
webkit_security_manager_uri_scheme_is_local (security_manager, soup_uri->scheme) ||
webkit_security_manager_uri_scheme_is_empty_document (security_manager, soup_uri->scheme)) {
security_level = EPHY_SECURITY_LEVEL_LOCAL_PAGE;
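Review bot: The two added host comparisons apply to every scheme, so an `https://127.0.0.1/` load would be classified as `EPHY_SECURITY_LEVEL_LOCAL_PAGE` in this first branch. Later branches presumably evaluate the certificate and TLS errors, but they lie outside the hunk, as does the rest of `update_security_status_for_committed_load`, so this needs confirming. If the intent is only to stop flagging plain-HTTP loopback pages as insecure, it is worth either restricting the test to the `http` scheme or stating in the comment that TLS state is deliberately ignored for loopback. The exact string match is fail-safe, since other 127.0.0.0/8 addresses and alternative spellings fall through to the normal path; a line such as `// Only the canonical loopback literals match; any other spelling is treated as a remote host.` would record that. The same pair of literals is repeated in `ephy.js`, so a small shared helper on the C side (`static gboolean host_is_loopback_literal (const char *host)`) would make the two checks easier to keep in step.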
diff --git a/embed/web-extension/resources/js/ephy.js b/embed/web-extension/resources/js/ephy.js
index fc453584b..addd9b179 100644
--- a/embed/web-extension/resources/js/ephy.js
+++ b/embed/web-extension/resources/js/ephy.js
@@ -583,7 +583,9 @@ Ephy.FormManager = class FormManager
_sensitiveElementFocused(event)
{
- let isInsecureAction = this._form.action.startsWith('http://');
+ let url = new URL(this._form.action);
+ // Warning: we do not whitelist localhost because it could be redirected by DNS.
+ let isInsecureAction = url.protocol == 'http:' && url.hostname != "127.0.0.1" && url.hostname !=
"::1";
window.webkit.messageHandlers.sensitiveFormFocused.postMessage(this._sensitiveElementMessageSerializer(this._pageID,
isInsecureAction));
}
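Review bot: The `url.hostname != "::1"` comparison can never be false, because the URL API returns an IPv6 literal with its brackets (`[::1]`). A form posting to `http://[::1]/` is therefore still reported as insecure, which disagrees with the C-side check in `ephy-web-view.c`. That failure is in the safe direction, but the IPv6 half of the change is dead code. Separately, `new URL(this._form.action)` throws a `TypeError` when the action is not a parsable absolute URL, and in that case the `sensitiveFormFocused` message is never posted; the old `startsWith` test could not throw. The fence below compares against `'[::1]'`, uses strict equality, and falls back to the previous prefix test when parsing fails.

```javascript
_sensitiveElementFocused(event)
{
    let isInsecureAction;
    try {
        const url = new URL(this._form.action);
        // Warning: we do not whitelist localhost because it could be redirected by DNS.
        // URL.hostname keeps the brackets around an IPv6 literal.
        isInsecureAction = url.protocol === 'http:' &&
                           url.hostname !== '127.0.0.1' &&
                           url.hostname !== '[::1]';
    } catch (e) {
        // Unparsable action: keep the previous prefix test so the message is still sent.
        isInsecureAction = this._form.action.startsWith('http://');
    }
    // … unchanged: postMessage to sensitiveFormFocused …
```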