diff options
author | Marijn Kruisselbrink <mek@chromium.org> | 2020-06-19 02:22:48 +0000 |
---|---|---|
committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2020-10-05 12:02:24 +0000 |
commit | 82a0e2faa2ab61eb7fa0b0403c6990d25e6ab801 (patch) | |
tree | 639010964d9e2a7cb16eee49bb32b8cc3a07c7ea | |
parent | d7c2cf253996bd5b4a893b52fd719b11c9ec7ba9 (diff) | |
download | qtwebengine-chromium-82a0e2faa2ab61eb7fa0b0403c6990d25e6ab801.tar.gz |
[Backport] CVE-2020-6562: Insufficient policy enforcement in Blink
Manual backport of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/2253242:
[FileAPI] Properly set charset when loading blob URL.
Bug: 1086845
Change-Id: I1630dcff89198ea968ff49ff353d793ae19c10b3
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r-- | chromium/storage/browser/blob/blob_url_loader.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/chromium/storage/browser/blob/blob_url_loader.cc b/chromium/storage/browser/blob/blob_url_loader.cc index ca16d565ebd..30473e163fc 100644 --- a/chromium/storage/browser/blob/blob_url_loader.cc +++ b/chromium/storage/browser/blob/blob_url_loader.cc @@ -157,10 +157,10 @@ void BlobURLLoader::HeadersCompleted(net::HttpStatusCode status_code, std::string mime_type; response.headers->GetMimeType(&mime_type); - // Match logic in StreamURLRequestJob::HeadersCompleted. if (mime_type.empty()) mime_type = "text/plain"; response.mime_type = mime_type; + response.headers->GetCharset(&response.charset); // TODO(jam): some of this code can be shared with // services/network/url_loader.h |