From a99df132095a77867b52ce933161380a88eaf245 Mon Sep 17 00:00:00 2001
From: Danil Somsikov <dsv@chromium.org>
Date: Fri, 24 Mar 2023 13:50:43 +0100
Subject: [Backport] CVE-2023-1813: Inappropriate implementation in Extensions

Manual cherry-pick of patch originally reviewed on
Use built-in URL class instead of string comparison in file URL check.

Bug: 1423258
Change-Id: Ie6ea865fbe363c138b372d45d98daf1db6434671
Reviewed-on: https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/4370246
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/474366
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
---
 .../src/front_end/models/extensions/ExtensionAPI.ts                 | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts b/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts
index 108caac7823..7159168d81c 100644
--- a/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts
+++ b/chromium/third_party/devtools-frontend/src/front_end/models/extensions/ExtensionAPI.ts
@@ -1138,7 +1138,11 @@ self.injectedExtensionAPI = function(
   }
 
   function canAccessResource(resource: APIImpl.ResourceData): boolean {
-    return extensionInfo.allowFileAccess || !resource.url.startsWith('file://');
+    try {
+      return extensionInfo.allowFileAccess || (new URL(resource.url)).protocol !== 'file:';
+    } catch (e) {
+      return false;
+    }
   }
 
   function InspectedWindow(this: PublicAPI.Chrome.DevTools.InspectedWindow): void {
-- 
cgit v1.2.1