[webkit-changes] [WebKit/WebKit] 8c9718: X-Frame-Options HTTP headers with an empty value a...
Chris Dumez
noreply at github.com
Wed Sep 7 12:51:38 PDT 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8c97181d75591874ad4312a0d1df22ff5d6a8fa0
https://github.com/WebKit/WebKit/commit/8c97181d75591874ad4312a0d1df22ff5d6a8fa0
Author: Chris Dumez <cdumez at apple.com>
Date: 2022-09-07 (Wed, 07 Sep 2022)
Changed paths:
M LayoutTests/imported/w3c/web-platform-tests/x-frame-options/multiple-expected.txt
M Source/WebCore/platform/network/HTTPParsers.cpp
Log Message:
-----------
X-Frame-Options HTTP headers with an empty value are incorrectly being ignored
https://bugs.webkit.org/show_bug.cgi?id=244889
Reviewed by Geoffrey Garen and Brent Fulgham.
X-Frame-Options HTTP headers with an empty value are incorrectly being ignored.
The issue was that we were using split() instead of splitAllowingEmptyEntries(),
which was causing us to skip empty header values.
* LayoutTests/imported/w3c/web-platform-tests/x-frame-options/multiple-expected.txt:
* Source/WebCore/platform/network/HTTPParsers.cpp:
(WebCore::parseXFrameOptionsHeader):
Canonical link: https://commits.webkit.org/254245@main
More information about the webkit-changes
mailing list