Backport a patch for disabling DNS prefetch5.9

This fixes one occasion of the EFAIL vulnerability [1] for Trojitá e-mail client. It fixes a privacy leak where malicious HTML content used to be able to re-enable DNS prefetch. Patch is straight from WebKit upstream [2] [3], written by Milan Crha <mcrha@redhat.com> on 2018-02-27. Reviewed by Michael Catanzaro. [1] https://efail.de/ [2] https://git.webkit.org/?p=WebKit.git;a=commitdiff;h=24e5a4ed218697eb20064e0c14c9e9767f197dbd [3] https://bugs.webkit.org/show_bug.cgi?id=182924 Task-number: QTBUG-67068 Change-Id: Iec52181c8c77c89e3b8248fa60f5834aa6777458 Reviewed-by: Konstantin Tokarev <annulen@yandex.ru>
author: Jan Kundrát <jkt@kde.org> 2018-05-19 18:30:48 +0200
committer: Jan Kundrát <jkt@kde.org> 2019-07-02 17:34:03 +0200
commit: 8121ac090502c88cee250ab94faeac2ef3da22ed (patch)
tree: c41d4b03d7c1179eef8c1ec0ece0d7139fe0bcde
parent: bd0657f98aff85b9f06d85a8cf4da6a27f61a56e (diff)
download: qtwebkit-5.9.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp
index af63b141f..698bb1cbb 100644
--- a/Source/WebCore/dom/Document.cpp
+++ b/Source/WebCore/dom/Document.cpp
@@ -4742,6 +4742,9 @@ void Document::initDNSPrefetch()
 
 void Document::parseDNSPrefetchControlHeader(const String& dnsPrefetchControl)
 {
+    if (!settings()->dnsPrefetchingEnabled())
+        return;
+
     if (equalIgnoringCase(dnsPrefetchControl, "on") && !m_haveExplicitlyDisabledDNSPrefetch) {
         m_isDNSPrefetchEnabled = true;
         return;
author	Jan Kundrát <jkt@kde.org>	2018-05-19 18:30:48 +0200
committer	Jan Kundrát <jkt@kde.org>	2019-07-02 17:34:03 +0200
commit	8121ac090502c88cee250ab94faeac2ef3da22ed (patch)
tree	c41d4b03d7c1179eef8c1ec0ece0d7139fe0bcde
parent	bd0657f98aff85b9f06d85a8cf4da6a27f61a56e (diff)
download	qtwebkit-5.9.tar.gz