Port blocking bypass issue using 307 redirect
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 6 Jan 2016 22:07:51 +0000 (22:07 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 6 Jan 2016 22:07:51 +0000 (22:07 +0000)
commit5ddbbbcf30b29bce4f966af24192a9dbb00bc957
treef396fcc07f7789de64c0cdf9e6d42a443bd71707
parent7d5d298cb3c6f5d855970d50e251e3626a6f145b
Port blocking bypass issue using 307 redirect
https://bugs.webkit.org/show_bug.cgi?id=152801
<rdar://problem/24048554>

Reviewed by Anders Carlsson.

Source/WebCore:

Tested by http/tests/security/blocked-on-redirect.html.

Make sure that 307 redirects check the requested URL via 'portAllowed'.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::willSendRequest): Confirm that the requested port
is valid, and block load if it is not.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::reportBlockedPortFailed): Added.
(WebCore::FrameLoader::blockedError): Added.
* loader/FrameLoader.h:

LayoutTests:

* http/tests/security/blocked-on-redirect-expected.txt: Added.
* http/tests/security/blocked-on-redirect.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194666 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/http/tests/security/blocked-on-redirect-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/blocked-on-redirect.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/FrameLoader.cpp
Source/WebCore/loader/FrameLoader.h