Strictly UTF-8 decode the fallback URL #346
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bikeshed warned that I'd never defined |fallbackUrl|, but I missed it before going on parental leave.
jyasskin
force-pushed
the
utf-8-decode-fallback-url
branch
from
876b3c9 to
121ecb1
Compare
nyaxt
approved these changes
Dec 3, 2018
irori
approved these changes
Dec 4, 2018
|
I should add that I found https://cs.chromium.org/chromium/src/net/http/http_response_headers.cc?l=920&rcl=6aa20f013414d789e8d72752a6885ef3d990d274 after I wrote this change, indicating that maybe we'd rather This is also related to whatwg/fetch#843. |
|
UTF-8 is generally preferable I think, but it depends a bit on what kind of field this is. Happy to help if you could give some context. |
|
@annevk This is the field at the beginning of the Signed Exchange format that gives both the URL of the inner resource and a target to redirect to if the Signed Exchange is broken (doesn't parse, the signature doesn't validate, maybe other things). |
|
I'd make those UTF-8. The URL parser will turn it all into ASCII, but it seems preferable to be able to serialize in more ways. |
|
Thanks, @annevk! |
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222
aarongable
pushed a commit
to chromium/chromium
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772}
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772}
chromium-wpt-export-bot
pushed a commit
to web-platform-tests/wpt
that referenced
this pull request
Dec 19, 2018
GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772}
|
For the record, tests for this are web-platform-tests/wpt@2e19cbe and web-platform-tests/wpt@e663fa0. |
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Feb 5, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599
mykmelez
pushed a commit
to mykmelez/gecko
that referenced
this pull request
Feb 6, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Feb 7, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599
mykmelez
pushed a commit
to mykmelez/gecko
that referenced
this pull request
Feb 8, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this pull request
Oct 3, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: 812e25f081670195d2e97402e27d1fa54a8860e7
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this pull request
Oct 3, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: c680ff16a9c7a3ff68ac3372ddf0c50263e55a24
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this pull request
Oct 3, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: 812e25f081670195d2e97402e27d1fa54a8860e7
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this pull request
Oct 3, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: c680ff16a9c7a3ff68ac3372ddf0c50263e55a24
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this pull request
Oct 4, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: 812e25f081670195d2e97402e27d1fa54a8860e7
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this pull request
Oct 4, 2019
…RL has invalid UTF-8 sequence, a=testonly Automatic update from web-platform-tests SignedExchange: Reject SXG if fallback URL has invalid UTF-8 sequence GURL parser happily accepts invalid UTF-8 path, so we need to validate the fallback URL string before parsing. Spec: WICG/webpackage#346 Bug: 916390 Change-Id: Ife25621e2a41beef01cbf36a5ab523eaee1ea222 Reviewed-on: https://chromium-review.googlesource.com/c/1382724 Commit-Queue: Kunihiko Sakamoto <ksakamotochromium.org> Reviewed-by: Kinuko Yasuda <kinukochromium.org> Reviewed-by: Kouhei Ueno <kouheichromium.org> Cr-Commit-Position: refs/heads/master{#617772} -- wpt-commits: e663fa084dcdac43fea5cdd6c69b059b5ad0743f wpt-pr: 14599 UltraBlame original commit: c680ff16a9c7a3ff68ac3372ddf0c50263e55a24
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bikeshed warned that I'd never defined |fallbackUrl|, but I missed it
before going on parental leave. Do y'all see any problems with picking this conversion from bytes to a string?
@irori, we ought to test this with a couple bad fallback URLs, say one starting with a BOM, and one with an invalid sequence that the UTF-8 decoder might convert to U+FFFD. Would you be willing to add those tests?
Preview | Diff