[Webkit-unassigned] [Bug 117257] New: [curl] Restrict allowed protocols
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jun 5 08:39:48 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=117257
Summary: [curl] Restrict allowed protocols
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: galpeter at inf.u-szeged.hu
curl supports various protocols (like: HTTP,...,POP3,IMAP...) and by default all of the are enabled for a single curl handle. Furthermore all of the protocols are allowed during location follow. This could pose a security risk for example: a malicious server responds with a crafted Location header pointing to an imap/../(etc) url and the curl backend will follow it and will give the result for the WebCore.
The curl API allows protocol restriction, so this feature can be easily implemented. As far as I know other backend only support HTTP, HTTPS, FTP, FTPS and FILE protocols.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list