Skip to content
Commit 4077bd26 authored by Rolf Eike Beer's avatar Rolf Eike Beer Committed by Rolf Eike Beer
Browse files

fix filename security check being omitted on parse error in HTTP header 

A header like this:

Content-Disposition: attachment; filename="/home/eike/.gnupg/gpg.conf";
  foo="bar; foo="baz"

would not have the path from the filename stripped because of the later parse
error.

This adds a unit test for this and some other cornercases.

CCBUG:278643
FIXED-IN:4.7.1

backport of 54e8eded
parent 9e03aa21
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment