| Index: webkit/database/database_util.cc
|
| diff --git a/webkit/database/database_util.cc b/webkit/database/database_util.cc
|
| index 6d5ff95bd81132dd608f4949b5621158b6dd504d..8acccd22f26c9588945417e1f5e11e7e1665634f 100644
|
| --- a/webkit/database/database_util.cc
|
| +++ b/webkit/database/database_util.cc
|
| @@ -4,6 +4,7 @@
|
|
|
| #include "webkit/database/database_util.h"
|
|
|
| +#include "base/basictypes.h"
|
| #include "base/utf_string_conversions.h"
|
| #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h"
|
| #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h"
|
| @@ -90,4 +91,15 @@ GURL DatabaseUtil::GetOriginFromIdentifier(const string16& origin_identifier) {
|
| return GURL(web_security_origin.toString());
|
| }
|
|
|
| +bool DatabaseUtil::IsValidOriginIdentifier(const string16& origin_identifier) {
|
| + string16 dotdot = ASCIIToUTF16("..");
|
| + char16 forbidden[] = {'\\', '/', '\0'};
|
| +
|
| + string16::size_type pos = origin_identifier.find(dotdot);
|
| + if (pos == string16::npos)
|
| + pos = origin_identifier.find_first_of(forbidden, 0, arraysize(forbidden));
|
| +
|
| + return pos == string16::npos;
|
| +}
|
| +
|
| } // namespace webkit_database
|
|
|
Chromium Code Reviews
Issue 12212091:
WebDatabase: check path traversal in origin_identifier (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src