From 8121ac090502c88cee250ab94faeac2ef3da22ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Kundr=C3=A1t?= <jkt@kde.org>
Date: Sat, 19 May 2018 18:30:48 +0200
Subject: Backport a patch for disabling DNS prefetch
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This fixes one occasion of the EFAIL vulnerability [1] for Trojitá
e-mail client. It fixes a privacy leak where malicious HTML content used
to be able to re-enable DNS prefetch.

Patch is straight from WebKit upstream [2] [3], written by Milan Crha
<mcrha@redhat.com> on 2018-02-27. Reviewed by Michael Catanzaro.

[1] https://efail.de/
[2] https://git.webkit.org/?p=WebKit.git;a=commitdiff;h=24e5a4ed218697eb20064e0c14c9e9767f197dbd
[3] https://bugs.webkit.org/show_bug.cgi?id=182924

Task-number: QTBUG-67068
Change-Id: Iec52181c8c77c89e3b8248fa60f5834aa6777458
Reviewed-by: Konstantin Tokarev <annulen@yandex.ru>
---
 Source/WebCore/dom/Document.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp
index af63b141f..698bb1cbb 100644
--- a/Source/WebCore/dom/Document.cpp
+++ b/Source/WebCore/dom/Document.cpp
@@ -4742,6 +4742,9 @@ void Document::initDNSPrefetch()
 
 void Document::parseDNSPrefetchControlHeader(const String& dnsPrefetchControl)
 {
+    if (!settings()->dnsPrefetchingEnabled())
+        return;
+
     if (equalIgnoringCase(dnsPrefetchControl, "on") && !m_haveExplicitlyDisabledDNSPrefetch) {
         m_isDNSPrefetchEnabled = true;
         return;
-- 
cgit v1.2.1