Bug 30178 - Make the setMetadataURL function foolproof by having it remove user info
Summary: Make the setMetadataURL function foolproof by having it remove user info
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: 528+ (Nightly build)
Hardware: Mac All
: P2 Normal
Assignee: Darin Adler
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2009-10-07 11:50 PDT by Darin Adler
Modified: 2009-10-07 16:20 PDT (History)
0 users

See Also:

Attachments
patch (5.39 KB, patch)
2009-10-07 11:54 PDT, Darin Adler 		sullivan: review+
darin: commit-queue-
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Darin Adler 2009-10-07 11:50:22 PDT 
Callers should not pass URLs with user info to setMetadataURL, but if they do, that function should remove it.
Comment 1 Darin Adler 2009-10-07 11:54:49 PDT 
Created attachment 40810 [details]
patch
Comment 2 Darin Adler 2009-10-07 11:55:25 PDT 
<rdar://problem/6544670>
Comment 3 John Sullivan 2009-10-07 12:00:51 PDT 
Comment on attachment 40810 [details]
patch

> Index: WebKit/mac/Misc/WebNSURLExtras.mm
> ===================================================================
> --- WebKit/mac/Misc/WebNSURLExtras.mm	(revision 49253)
> +++ WebKit/mac/Misc/WebNSURLExtras.mm	(working copy)
> @@ -1,5 +1,5 @@
>  /*
> - * Copyright (C) 2005, 2007, 2008 Apple Inc. All rights reserved.
> + * Copyright (C) 2005, 2007, 2008, 2009 Apple Inc. All rights reserved.
>   * Copyright (C) 2006 Alexey Proskuryakov (ap@nypop.com)
>   *
>   * Redistribution and use in source and binary forms, with or without
> @@ -619,17 +619,6 @@ static CFStringRef createStringWithEscap
>      return result;
>  }
>  
> -typedef struct {
> -    NSString *scheme;
> -    NSString *user;
> -    NSString *password;
> -    NSString *host;
> -    CFIndex port; // kCFNotFound means ignore/omit
> -    NSString *path;
> -    NSString *query;
> -    NSString *fragment;
> -} WebKitURLComponents;
> 

I presume this struct is no longer used -- you should mention that in the ChangeLog.
Comment 4 Darin Adler 2009-10-07 16:20:53 PDT 
http://trac.webkit.org/changeset/49273