diff options
author | Jan Kundrát <jkt@kde.org> | 2018-05-19 18:30:48 +0200 |
---|---|---|
committer | Jan Kundrát <jkt@kde.org> | 2019-07-02 17:34:03 +0200 |
commit | 8121ac090502c88cee250ab94faeac2ef3da22ed (patch) | |
tree | c41d4b03d7c1179eef8c1ec0ece0d7139fe0bcde /Source/WebCore/dom/Document.cpp | |
parent | bd0657f98aff85b9f06d85a8cf4da6a27f61a56e (diff) | |
download | qtwebkit-8121ac090502c88cee250ab94faeac2ef3da22ed.tar.gz |
Backport a patch for disabling DNS prefetch5.9
This fixes one occasion of the EFAIL vulnerability [1] for Trojitá
e-mail client. It fixes a privacy leak where malicious HTML content used
to be able to re-enable DNS prefetch.
Patch is straight from WebKit upstream [2] [3], written by Milan Crha
<mcrha@redhat.com> on 2018-02-27. Reviewed by Michael Catanzaro.
[1] https://efail.de/
[2] https://git.webkit.org/?p=WebKit.git;a=commitdiff;h=24e5a4ed218697eb20064e0c14c9e9767f197dbd
[3] https://bugs.webkit.org/show_bug.cgi?id=182924
Task-number: QTBUG-67068
Change-Id: Iec52181c8c77c89e3b8248fa60f5834aa6777458
Reviewed-by: Konstantin Tokarev <annulen@yandex.ru>
Diffstat (limited to 'Source/WebCore/dom/Document.cpp')
-rw-r--r-- | Source/WebCore/dom/Document.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp index af63b141f..698bb1cbb 100644 --- a/Source/WebCore/dom/Document.cpp +++ b/Source/WebCore/dom/Document.cpp @@ -4742,6 +4742,9 @@ void Document::initDNSPrefetch() void Document::parseDNSPrefetchControlHeader(const String& dnsPrefetchControl) { + if (!settings()->dnsPrefetchingEnabled()) + return; + if (equalIgnoringCase(dnsPrefetchControl, "on") && !m_haveExplicitlyDisabledDNSPrefetch) { m_isDNSPrefetchEnabled = true; return; |