Mailspring

Foundry376/Mailspring

Fork 0

mirror of https://github.com/Foundry376/Mailspring.git synced 2024-11-12 12:40:08 +08:00

Commit graph

Author	SHA1	Message	Date
Evan Morikawa	06a1eb42b2	fix(iframe): catch relative and malformed uris Summary: Fixes T3252 When links were clicked with malformed, relative, or malicious href links we'd perform default behavior instead of catching them. If you have href="www.foo.bar" the browser by default thinks it's a relative link. In our case it would prepend the full default base URI which is file://path/to/edgehill. This would at best fail to do anything and at worst execute an arbitrary file. We now blacklist `file:` and check for the existence of a valid RFC 3986 schema on the URI. Test Plan: manual Reviewers: bengotow Reviewed By: bengotow Maniphest Tasks: T3252 Differential Revision: https://phab.nylas.com/D1888	2015-08-19 10:20:41 -07:00

Author

SHA1

Message

Date

Evan Morikawa

06a1eb42b2

fix(iframe): catch relative and malformed uris

Summary:
Fixes T3252

When links were clicked with malformed, relative, or malicious href links
we'd perform default behavior instead of catching them.

If you have href="www.foo.bar" the browser by default thinks it's a
relative link. In our case it would prepend the full default base URI
which is file://path/to/edgehill. This would at best fail to do anything
and at worst execute an arbitrary file.

We now blacklist `file:` and check for the existence of a valid RFC 3986
schema on the URI.

Test Plan: manual

Reviewers: bengotow

Reviewed By: bengotow

Maniphest Tasks: T3252

Differential Revision: https://phab.nylas.com/D1888

2015-08-19 10:20:41 -07:00

1 commit