[epiphany/gnome-41] pdf-handler: properly encode filename before inserting to HTML



commit 8e92921425840d78821bd7984b35a174a21d6da2
Author: Michael Catanzaro <mcatanzaro redhat com>
Date:   Tue Dec 14 16:46:07 2021 -0600

    pdf-handler: properly encode filename before inserting to HTML
    
    The file's name is suggested by the server, and could be malicious. We
    don't want it to be able to escape the HTML attribute context.
    
    The file data should already be safe because it is base-64 encoded. Here
    I'm just adjusting the code style to match what I've done for the
    filename.
    
    Part-of: <https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045>

 embed/ephy-pdf-handler.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
---
diff --git a/embed/ephy-pdf-handler.c b/embed/ephy-pdf-handler.c
index da10b7e02..bcc226c5f 100644
--- a/embed/ephy-pdf-handler.c
+++ b/embed/ephy-pdf-handler.c
@@ -23,6 +23,7 @@
 
 #include "ephy-embed-container.h"
 #include "ephy-embed-shell.h"
+#include "ephy-output-encoding.h"
 #include "ephy-web-view.h"
 
 #include <gio/gio.h>
@@ -124,8 +125,9 @@ pdf_file_loaded (GObject      *source,
   g_autoptr (GBytes) html_file = NULL;
   g_autoptr (GError) error = NULL;
   g_autoptr (GString) html = NULL;
-  g_autofree gchar *b64 = NULL;
   g_autofree char *file_data = NULL;
+  g_autofree char *encoded_file_data = NULL;
+  g_autofree char *encoded_filename = NULL;
   gsize len = 0;
 
   if (!g_file_load_contents_finish (G_FILE (source), res, &file_data, &len, NULL, &error)) {
@@ -134,13 +136,13 @@ pdf_file_loaded (GObject      *source,
     return;
   }
 
-  html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL);
-
-  b64 = g_base64_encode ((const guchar *)file_data, len);
   g_file_delete_async (G_FILE (source), G_PRIORITY_DEFAULT, NULL, pdf_file_deleted, NULL);
 
-  html = g_string_new ("");
-  g_string_printf (html, g_bytes_get_data (html_file, NULL), b64, self->file_name ? self->file_name : "");
+  html = g_string_new (NULL);
+  html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL);
+  encoded_file_data = g_base64_encode ((const guchar *)file_data, len);
+  encoded_filename = self->file_name ? ephy_encode_for_html_attribute (self->file_name) : g_strdup ("");
+  g_string_printf (html, g_bytes_get_data (html_file, NULL), encoded_file_data, encoded_filename);
 
   finish_uri_scheme_request (self, g_strdup (html->str), NULL);
 }
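Review bot: The escaping on the `encoded_filename = ...` line is only correct for the context that the second `%s` occupies in viewer.html, and that template is not visible in this hunk. The coupling is worth recording beside the call, for example `/* viewer.html puts the filename %s inside a quoted attribute value; keep this encoder in step with the template. */`. Separately, `g_resources_lookup_data (..., NULL)` is still unchecked, so a failed lookup would pass a NULL format from `g_bytes_get_data ()` into `g_string_printf ()`. An `if (!html_file)` guard before the printf would avoid that; it should finish the request with an error, as the load-failure branch above presumably does. pdf_file_loaded begins outside this hunk, so the exact error path is inferred rather than seen.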

