diff options
author | Jüri Valdmann <juri.valdmann@qt.io> | 2018-04-27 15:48:17 +0200 |
---|---|---|
committer | Michal Klocek <michal.klocek@qt.io> | 2018-05-16 17:14:59 +0000 |
commit | 8476245d1a197d05f988ef87f17b7ccbbcbba878 (patch) | |
tree | 08a0d181a56fc4079403543a807600d584f8827a /src/core/web_contents_delegate_qt.cpp | |
parent | 580fdd43c23aa409880a64f7dc0ce04ec57a1bcd (diff) |
Replace invalid characters in WebChannel messages
Turns out JavaScript's JSON.stringify is not guaranteed to produce valid UTF-16
strings. It is possible in JavaScript to produce string objects which contain
invalid code units (unmatched surrogate pairs) and JSON.stringify will simply
copy this data to it's output. However, such a string cannot be losslessly
converted to UTF-8 and this leads to fun errors in WebChannelIPCTransport.
This patch
- Adds a test for the scenario above.
- Changes WebChannelIPCTransport to replace these invalid code units with the
Unicode replacement character U+FFFD.
- Changes WebChannelIPCTransportHost to validate the data it gets from the
renderer. Not validating the data defeats the whole point of Chromium's
fancy multi-process architecture: the renderer is not to be trusted.
- Changes WebChannelIPCTransport to throw JavaScript exceptions for various
errors (missing argument, wrong type, invalid JSON). Seems like the polite
thing to do.
Task-number: QTBUG-61969
Change-Id: I83275a0eaed77109dc458b80e27217108dde9f7b
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Diffstat (limited to 'src/core/web_contents_delegate_qt.cpp')
0 files changed, 0 insertions, 0 deletions