commit 7d9decc785bdc42443ee9835e0244f082d6911fb Author: Tim Huang tihuang@mozilla.com Date: Tue Jul 3 13:47:45 2018 +0000
Bug 1470156 - Part 2: Fixing the crashing problem when using an invalid character in a firstPartyDomain. r=baku
This patch adds a sanitization of firstPartyDomain when calling the OriginAttributes::CreateSuffix() and remove the release assert there. The cookies API for the web extension can use a arbitrary string for the firstPartyDomain. So, we should sanitize the firstPartyDomain before we creating a suffix. The release assert is not required anymore since the firstPartyDomain is sanitized
Depends on D1845.
Differential Revision: https://phabricator.services.mozilla.com/D1856
--HG-- extra : moz-landing-system : lando --- caps/OriginAttributes.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp index ea3d7e507f3f..21092e46fb74 100644 --- a/caps/OriginAttributes.cpp +++ b/caps/OriginAttributes.cpp @@ -151,8 +151,10 @@ OriginAttributes::CreateSuffix(nsACString& aStr) const }
if (!mFirstPartyDomain.IsEmpty()) { - MOZ_RELEASE_ASSERT(mFirstPartyDomain.FindCharInSet(dom::quota::QuotaManager::kReplaceChars) == kNotFound); - params.Set(NS_LITERAL_STRING("firstPartyDomain"), mFirstPartyDomain); + nsAutoString sanitizedFirstPartyDomain(mFirstPartyDomain); + sanitizedFirstPartyDomain.ReplaceChar(dom::quota::QuotaManager::kReplaceChars, '+'); + + params.Set(NS_LITERAL_STRING("firstPartyDomain"), sanitizedFirstPartyDomain); }
aStr.Truncate();
tbb-commits@lists.torproject.org