[epiphany] Sanitize passwords from URLs before displaying them
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany] Sanitize passwords from URLs before displaying them
- Date: Mon, 17 Oct 2016 13:10:17 +0000 (UTC)
commit 34a55be44735a0f23b590a1db43f31cb68afc739
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Mon Oct 17 08:01:02 2016 -0500
Sanitize passwords from URLs before displaying them
embed/ephy-web-view.c | 6 +++---
lib/ephy-uri-helpers.c | 25 ++++++++++++++++++++++++-
lib/ephy-uri-helpers.h | 2 +-
lib/widgets/ephy-download-widget.c | 2 +-
src/ephy-history-window.c | 2 +-
5 files changed, 30 insertions(+), 7 deletions(-)
---
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 14c911e..e1bf293 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -893,7 +893,7 @@ ephy_web_view_set_address (EphyWebView *view,
view->address = g_strdup (address);
g_free (view->display_address);
- view->display_address = ephy_uri_decode (view->address);
+ view->display_address = ephy_uri_decode_and_sanitize (view->address);
is_blank = address == NULL ||
strcmp (address, "about:blank") == 0;
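Review bot: `address` can be NULL at this call, since the `is_blank` test right below checks `address == NULL` and `view->address` is only a `g_strdup` of it, yet the new helper passes the value straight to soup_uri_new. As far as I know, libsoup 2.x returns an empty SoupURI for a NULL string rather than NULL, so the helper's `if (!uri)` early return would not catch this case and soup_uri_to_string would run on a URI with no scheme. An explicit guard at the top of the helper, such as `if (uri_string == NULL) return NULL;`, would make the path defined, assuming a NULL display address is acceptable to callers. What ephy_uri_decode did with NULL is not visible in this diff, and ephy_web_view_set_address starts and ends outside the hunk.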
@@ -1433,7 +1433,7 @@ ephy_web_view_set_loading_message (EphyWebView *view,
char *decoded_address;
char *title;
- decoded_address = ephy_uri_decode (address);
+ decoded_address = ephy_uri_decode_and_sanitize (address);
title = ephy_embed_utils_get_title_from_address (decoded_address);
if (title != NULL && title[0] != '\0') {
@@ -2619,7 +2619,7 @@ ephy_web_view_set_link_message (EphyWebView *view,
g_free (view->link_message);
if (address) {
- decoded_address = ephy_uri_decode (address);
+ decoded_address = ephy_uri_decode_and_sanitize (address);
view->link_message = ephy_embed_utils_link_message_parse (decoded_address);
g_free (decoded_address);
} else {
diff --git a/lib/ephy-uri-helpers.c b/lib/ephy-uri-helpers.c
index e0a1450..857a2f9 100644
--- a/lib/ephy-uri-helpers.c
+++ b/lib/ephy-uri-helpers.c
@@ -249,7 +249,7 @@ ephy_remove_tracking_from_uri (const char *uri_string)
return ret;
}
-char *
+static char *
ephy_uri_decode (const char *uri_string)
{
char *decoded_uri;
@@ -264,6 +264,29 @@ ephy_uri_decode (const char *uri_string)
}
char *
+ephy_uri_decode_and_sanitize (const char *uri_string)
+{
+ SoupURI *uri;
+ char *sanitized_uri;
+ char *result;
+
+ /* Trick: the parameter does not actually have to be a URI. We allow calling
+ * this function with any address, like about:blank. Just return in that case.
+ */
+ uri = soup_uri_new (uri_string);
+ if (!uri)
+ return g_strdup (uri_string);
+
+ /* Use soup_uri_to_string to remove the password component of the URI. */
+ sanitized_uri = soup_uri_to_string (uri, FALSE);
+ result = ephy_uri_decode (sanitized_uri);
+
+ g_free (sanitized_uri);
+ soup_uri_free (uri);
+ return result;
+}
+
+char *
ephy_uri_normalize (const char *uri_string)
{
SoupURI *uri;
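Review bot: The `if (!uri)` fallback in ephy_uri_decode_and_sanitize returns `g_strdup (uri_string)` undecoded, so any string soup_uri_new cannot parse now skips the decoding that callers got from ephy_uri_decode before this commit. That matters for get_destination_basename_from_download, which passes a file basename rather than a URI and so presumably takes this path most of the time. `return ephy_uri_decode (uri_string);` in the fallback keeps the earlier behaviour for non-URI input. A doc comment should also say that only the password is dropped; as far as soup_uri_to_string's documented behaviour goes, the user name part of the userinfo still appears in the displayed string. The hunk ends inside ephy_uri_normalize, whose body continues outside it.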
diff --git a/lib/ephy-uri-helpers.h b/lib/ephy-uri-helpers.h
index 4b77a96..dfdfbf3 100644
--- a/lib/ephy-uri-helpers.h
+++ b/lib/ephy-uri-helpers.h
@@ -25,7 +25,7 @@
G_BEGIN_DECLS
char *ephy_remove_tracking_from_uri (const char *uri);
-char *ephy_uri_decode (const char *uri);
+char *ephy_uri_decode_and_sanitize (const char *uri);
char *ephy_uri_normalize (const char *uri);
G_END_DECLS
diff --git a/lib/widgets/ephy-download-widget.c b/lib/widgets/ephy-download-widget.c
index 2e905c5..62c760a 100644
--- a/lib/widgets/ephy-download-widget.c
+++ b/lib/widgets/ephy-download-widget.c
@@ -65,7 +65,7 @@ get_destination_basename_from_download (EphyDownload *ephy_download)
return NULL;
basename = g_filename_display_basename (dest);
- decoded = ephy_uri_decode (basename);
+ decoded = ephy_uri_decode_and_sanitize (basename);
g_free (basename);
return decoded;
diff --git a/src/ephy-history-window.c b/src/ephy-history-window.c
index e8a39d2..b104a96 100644
--- a/src/ephy-history-window.c
+++ b/src/ephy-history-window.c
@@ -718,7 +718,7 @@ convert_location_data_func (GtkTreeViewColumn *column,
col_id,
&url,
-1);
- decoded_url = ephy_uri_decode (url);
+ decoded_url = ephy_uri_decode_and_sanitize (url);
g_object_set (renderer, "text", decoded_url, NULL);