mirror of
https://github.com/servo/servo.git
synced 2025-08-02 20:20:14 +01:00
144b980df2
Prevent injection vulnerability in image page This is taking up nox' suggestion from #12542 and creates an img element using Rust code instead of escaping the URL. I will look at the neterror.html URL strings separately, we might do those in a similar way. To reproduce, visit e.g. the following URL with your vulnerable Servo: ``` https://servo.org/screenshot.png?'onload='document.body.innerHTML=`hacked`' ``` --- - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] These changes fix #12542 - [x] These changes do not require tests because this is just fixing up existing behavior and I'm not sure how to test it r?@jdm <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/12679) <!-- Reviewable:end --> |
||
|---|---|---|
| .. | ||
| canvas | ||
| canvas_traits | ||
| compositing | ||
| constellation | ||
| devtools | ||
| devtools_traits | ||
| gfx | ||
| gfx_traits | ||
| layout | ||
| layout_thread | ||
| layout_traits | ||
| msg | ||
| net | ||
| net_traits | ||
| plugins | ||
| profile | ||
| profile_traits | ||
| range | ||
| script | ||
| script_layout_interface | ||
| script_traits | ||
| servo | ||
| style | ||
| style_traits | ||
| util | ||
| webdriver_server | ||
