Diffstat (limited to 'chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp')
-rw-r--r-- | chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp b/chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
index 7af69e01190..1717cc51cb6 100644
--- a/chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
+++ b/chromium/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
@@ -1839,6 +1839,10 @@ bool ContentSecurityPolicy::ShouldBypassContentSecurityPolicy(
 // static
 bool ContentSecurityPolicy::IsValidCSPAttr(const String& attr) {
+  // we don't allow any newline characters in the CSP attributes
+  if (attr.Contains('\n') || attr.Contains('\r'))
+    return false;
+
   ContentSecurityPolicy* policy = ContentSecurityPolicy::Create();
   policy->AddPolicyFromHeaderValue(attr, kContentSecurityPolicyHeaderTypeEnforce, |