Tighten XMLHttpRequest setRequestHeader value check
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 21 Oct 2014 01:50:41 +0000 (01:50 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 21 Oct 2014 01:50:41 +0000 (01:50 +0000)
commit51709a6e30bfe90b9ce685a89ac76216242a5671
treebace7c0817ae0213e7d530fa6420799d67979162
parent719b995bed38912792bf8a98bacbcfbba8b31e73
Tighten XMLHttpRequest setRequestHeader value check
https://bugs.webkit.org/show_bug.cgi?id=128593

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-10-20
Reviewed by Darin Adler.

Source/WebCore:

Test: http/tests/xmlhttprequest/set-bad-headervalue.html

* platform/network/HTTPParsers.cpp:
(WebCore::isValidHTTPHeaderValue): Updated header values check according RFC 7230.
(WebCore::isValidHTTPToken): Renamed variable name and updated RFC related comment.

LayoutTests:

Added a test originating from w3c-test.org to test header values checking.
Testing headers with non ASCII characters and various control characters.

* http/tests/xmlhttprequest/set-bad-headervalue-expected.txt: Added.
* http/tests/xmlhttprequest/set-bad-headervalue.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@174920 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/xmlhttprequest/set-bad-headervalue.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/platform/network/HTTPParsers.cpp