delta/qt5/qtwebengine-chromium.git - code.qt.io: qt/qtwebengine-chromium.git

diff options

author	Allan Sandfeld Jensen <allan.jensen@theqtcompany.com>	2015-12-02 11:58:32 +0100
committer	Allan Sandfeld Jensen <allan.jensen@theqtcompany.com>	2016-02-02 12:12:55 +0000
commit	f5c64cc3b288439e19fbc485a762c3d58047c6b7 (patch)
tree	01db69564ea5e20940bf058b3481c7b46a6d8857 /chromium/build/protoc_java.py
parent	9e8b6a16bb9dda3c18a6e770c5698acf38daf326 (diff)
download	qtwebengine-chromium-f5c64cc3b288439e19fbc485a762c3d58047c6b7.tar.gz

<third_party/WebKit> Cherry-pick fix for CVE-2015-6768

Block javascript: document navigations during page dismissal events. This basically reflects the logic from FrameLoader::startLoad. Before this patch, javascript: document navigations could be performed during page dismissal events. This could be problematic, especially that dismissal events prevent loaders from being stopped or detached. This patch adds a bail-out condition to FrameLoader::replaceDocumentWhileExecutingJavaScriptURL. BUG=556724 Review URL: https://codereview.chromium.org/1451123002 Change-Id: Ifcb3dfd1d962c3338a3703def3b84432b58cfa5b Reviewed-by: Michael Brüning <michael.bruning@theqtcompany.com>

Diffstat (limited to 'chromium/build/protoc_java.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: