Skip to content
Commit 367ce8a6 authored by Rolf Eike Beer's avatar Rolf Eike Beer
Browse files

fix filename security check being omitted on parse error in HTTP header 

A header like this:

Content-Disposition: attachment; filename="/home/eike/.gnupg/gpg.conf";
  foo="bar; foo="baz"

would not have the path from the filename stripped because of the later parse
error.

This adds a unit test for this and some other cornercases.

CCBUG:278643

backport of 54e8eded
parent da03cc03
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment