https://bugs.webkit.org/show_bug.cgi?id=128593
Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2014-10-20
Reviewed by Darin Adler.
Source/WebCore:
Test: http/tests/xmlhttprequest/set-bad-headervalue.html
* platform/network/HTTPParsers.cpp:
(WebCore::isValidHTTPHeaderValue): Updated the header-value check according to RFC 7230.
(WebCore::isValidHTTPToken): Renamed variable name and updated RFC related comment.
LayoutTests:
Added a test originating from w3c-test.org to test header values checking.
Testing headers with non ASCII characters and various control characters.
* http/tests/xmlhttprequest/set-bad-headervalue-expected.txt: Added.
* http/tests/xmlhttprequest/set-bad-headervalue.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@174920
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2014-10-20 Youenn Fablet <youenn.fablet@crf.canon.fr>
+
+ Tighten XMLHttpRequest setRequestHeader value check
+ https://bugs.webkit.org/show_bug.cgi?id=128593
+
+ Reviewed by Darin Adler.
+
+ Added a test originating from w3c-test.org to test header values checking.
+ Testing headers with non ASCII characters and various control characters.
+
+ * http/tests/xmlhttprequest/set-bad-headervalue-expected.txt: Added.
+ * http/tests/xmlhttprequest/set-bad-headervalue.html: Added.
+
2014-10-20 Brent Fulgham <bfulgham@apple.com>
[Win] Mark a few tests as no-longer failing.
--- /dev/null
+
+PASS XMLHttpRequest: setRequestHeader() value argument checks
+PASS XMLHttpRequest: setRequestHeader() value argument checks 1
+PASS XMLHttpRequest: setRequestHeader() value argument checks 2
+PASS XMLHttpRequest: setRequestHeader() value argument checks 3
+PASS XMLHttpRequest: setRequestHeader() value argument checks 4
+PASS XMLHttpRequest: setRequestHeader() value argument checks 5
+PASS XMLHttpRequest: setRequestHeader() value argument checks 6
+PASS XMLHttpRequest: setRequestHeader() value argument checks 7
+PASS XMLHttpRequest: setRequestHeader() value argument checks 8
+PASS XMLHttpRequest: setRequestHeader() value argument checks 9
+PASS XMLHttpRequest: setRequestHeader() value argument checks 10
+PASS XMLHttpRequest: setRequestHeader() value argument checks 11
+
--- /dev/null
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <title>XMLHttpRequest: setRequestHeader() value argument checks</title>
+ <script src="/js-test-resources/testharness.js"></script>
+ <script src="/js-test-resources/testharnessreport.js"></script>
+ <!-- Test based on http://w3c-test.org/web-platform-tests/master/XMLHttpRequest/setrequestheader-bogus-value.htm This test should be removed once wpt XMLHttpRequest is imported if both tests are in sync -->
+ </head>
+ <body>
+ <div id="log"></div>
+ <script>
+ function try_value(value, expectError) {
+ test(function() {
+ var client = new XMLHttpRequest()
+ client.open("GET", "...")
+ if (expectError)
+ assert_throws("SyntaxError", function() { client.setRequestHeader("x-test", value) }, ' given value ' + value+', ')
+ else
+ client.setRequestHeader("x-test", value)
+ })
+ }
+
+ try_value("t\rt", true)
+ try_value("t\nt", true)
+ try_value("テスト", true)
+ try_value("t\bt", true)
+ try_value("t\vt", true)
+ try_value("t\tt", false)
+ try_value("t t", false)
+ try_value(" t", true)
+ try_value("t ", true)
+ try_value("\xd0\xa1", false)
+ try_value("\x7f", true)
+ test(function() {
+ var client = new XMLHttpRequest()
+ client.open("GET", "...")
+ assert_throws({name:'TypeError'}, function() { client.setRequestHeader("x-test") })
+ })
+ </script>
+ </body>
+</html>
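Review bot: The accepted-side case `try_value("\xd0\xa1", false)` reads like a UTF-8 byte pair but is two Latin-1 code points (U+00D0, U+00A1), i.e. the obs-text range the new `c > 0xFF` check in HTTPParsers.cpp lets through; a comment would keep the next reader from "fixing" it into a single non-Latin-1 character, e.g. `try_value("\xd0\xa1", false) // two obs-text (0x80-0xFF) chars, not a UTF-8 sequence`. The list also has no case at the 0xFF/0x100 boundary and none for the empty string, so the exact cut-off and the `value[0]` / `value[value.length() - 1]` reads on an empty value are not exercised. `try_value("\xff", false)` and `try_value("\u0100", true)` pin the boundary; an empty-string case should be added once its intended result is confirmed against the WPT original the header comment cites. Any added case also needs a matching line in set-bad-headervalue-expected.txt.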
+2014-10-20 Youenn Fablet <youenn.fablet@crf.canon.fr>
+
+ Tighten XMLHttpRequest setRequestHeader value check
+ https://bugs.webkit.org/show_bug.cgi?id=128593
+
+ Reviewed by Darin Adler.
+
+ Test: http/tests/xmlhttprequest/set-bad-headervalue.html
+
+ * platform/network/HTTPParsers.cpp:
+ (WebCore::isValidHTTPHeaderValue): Updated header values check according RFC 7230.
+ (WebCore::isValidHTTPToken): Renamed variable name and updated RFC related comment.
+
2014-10-20 Michael Saboff <msaboff@apple.com>
Make post checkin suggested changes to r174847
return pos != start;
}
-bool isValidHTTPHeaderValue(const String& name)
+// See RFC 7230, Section 3.2.3.
+bool isValidHTTPHeaderValue(const String& value)
{
- // FIXME: This should really match name against
- // field-value in section 4.2 of RFC 2616.
-
- return !name.contains('\r') && !name.contains('\n');
+ UChar c = value[0];
+ if (c == ' ' || c == '\t')
+ return false;
+ c = value[value.length() - 1];
+ if (c == ' ' || c == '\t')
+ return false;
+ for (unsigned i = 0; i < value.length(); ++i) {
+ c = value[i];
+ if (c == 0x7F || c > 0xFF || (c < 0x20 && c != '\t'))
+ return false;
+ }
+ return true;
}
-// See RFC 2616, Section 2.2.
-bool isValidHTTPToken(const String& characters)
+// See RFC 7230, Section 3.2.6.
+bool isValidHTTPToken(const String& value)
{
- if (characters.isEmpty())
+ if (value.isEmpty())
return false;
- for (unsigned i = 0; i < characters.length(); ++i) {
- UChar c = characters[i];
+ for (unsigned i = 0; i < value.length(); ++i) {
+ UChar c = value[i];
if (c <= 0x20 || c >= 0x7F
|| c == '(' || c == ')' || c == '<' || c == '>' || c == '@'
|| c == ',' || c == ';' || c == ':' || c == '\\' || c == '"'