Summary: | [PSON] Received an invalid message "WebPageProxy.DidPerformClientRedirect" from the web process | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Chris Dumez <cdumez> | ||||
Component: | WebKit2 | Assignee: | Chris Dumez <cdumez> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | achristensen, ap, beidson, bfulgham, commit-queue, ggaren, koivisto, rniwa, webkit-bug-importer | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | WebKit Nightly Build | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Bug Depends on: | 191982 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Chris Dumez
2018-11-18 20:18:28 PST
Created attachment 355251 [details]
Patch
Comment on attachment 355251 [details] Patch Clearing flags on attachment: 355251 Committed r238368: <https://trac.webkit.org/changeset/238368> All reviewed patches have been landed. Closing bug. Comment on attachment 355251 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=355251&action=review > Source/WebKit/UIProcess/WebPageProxy.cpp:-4446 > - MESSAGE_CHECK_URL(sourceURLString); Removing a security check here doesn't look right at all. Surely we now have a situation where we don't properly track past URLs. But that doesn't mean that it's OK for the web process to send redirect messages with dangerous URLs! These are passed down to clients, so it's unlikely to be harmless. |