[Webkit-unassigned] [Bug 54304] Check for empty scheme before accessing URLSchemeMaps in SchemeRegistry
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 11 13:08:55 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=54304
--- Comment #4 from Adam Klein <adamk at chromium.org> 2011-02-11 13:08:55 PST ---
Thanks for the quick review. It's not currently possible to exercise this code with a layout test. For shouldTreatURLSchemeAsSecure, the only caller is (in FrameLoader.cpp):
if (!url.isValid || SchemeRegistry::shouldTreatURLSchemeAsSecure(url.protocol())
so the case is never hit. The situation is similar for shouldLoadURLSchemeAsSecure in MainResourceLoader.cpp:
return url.isEmpty() || SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(url.protocol());
Finally, shouldTreatURLSchemeAsNoAccess has no callers at all.
Nevertheless, I think this patch is a good idea, to avoid new, less careful callers causing crashes. I just ran into this problem when trying to get https://bugs.webkit.org/show_bug.cgi?id=53529 landed (SecurityOrigin.cpp calls these methods without pre-validating the scheme). And it appears to me that Adam Barth recently resolved the same issue for another method in http://trac.webkit.org/changeset/76637.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list