diff options
author | Szabolcs David <davidsz@inf.u-szeged.hu> | 2018-04-17 16:23:51 +0200 |
---|---|---|
committer | Peter Varga <pvarga@inf.u-szeged.hu> | 2018-04-27 07:30:24 +0000 |
commit | ff0a83a6c3e64772276cb71cba0392d1e89b037f (patch) | |
tree | f2170055d12cef72dd620be1a4418aed6e36d96f /src/core/renderer | |
parent | 216240a31baae6e54e38de8157332f272ddf57a7 (diff) |
Fix handling of bad @match directives
User scripts with parse errors in their @match patterns were included
on all pages. Don't allow to fallback to "@include *" in this case.
Task-number: QTBUG-67726
Change-Id: I8172184e79fe3e515f391bc6cc8274a624e67a19
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'src/core/renderer')
-rw-r--r-- | src/core/renderer/user_resource_controller.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/core/renderer/user_resource_controller.cpp b/src/core/renderer/user_resource_controller.cpp index 09451b83e..860f94a52 100644 --- a/src/core/renderer/user_resource_controller.cpp +++ b/src/core/renderer/user_resource_controller.cpp @@ -67,6 +67,11 @@ static content::RenderView * const globalScriptsIndex = 0; // Scripts meant to run after the load event will be run 500ms after DOMContentLoaded if the load event doesn't come within that delay. static const int afterLoadTimeout = 500; +static int validUserScriptSchemes() +{ + return URLPattern::SCHEME_HTTP | URLPattern::SCHEME_HTTPS | URLPattern::SCHEME_FILE; +} + static bool regexMatchesURL(const std::string &pat, const GURL &url) { QRegularExpression qre(QtWebEngineCore::toQt(pat)); qre.setPatternOptions(QRegularExpression::CaseInsensitiveOption); @@ -95,8 +100,8 @@ static bool scriptMatchesURL(const UserScriptData &scriptData, const GURL &url) if (!scriptData.urlPatterns.empty()) { matchFound = false; for (auto it = scriptData.urlPatterns.begin(), end = scriptData.urlPatterns.end(); it != end; ++it) { - URLPattern urlPattern(QtWebEngineCore::UserScript::validUserScriptSchemes(), *it); - if (urlPattern.MatchesURL(url)) + URLPattern urlPattern(validUserScriptSchemes()); + if (urlPattern.Parse(*it) == URLPattern::PARSE_SUCCESS && urlPattern.MatchesURL(url)) matchFound = true; } if (!matchFound) |