Closed
Bug 661036
Opened 13 years ago
Closed 13 years ago
nsWebSocket::SetProtocol allows U+0020
Categories
(Core :: Networking: WebSockets, defect)
Core
Networking: WebSockets
Tracking
()
RESOLVED
FIXED
mozilla7
People
(Reporter: dchanm+bugzilla, Assigned: mcmanus)
Details
Attachments
(1 file)
17.65 KB,
patch
|
briansmith
:
review+
Biesinger
:
review+
|
Details | Diff | Splinter Review |
SetProtocol checks that the supplied nsString contains only characters between 0x0020 and 0x007E inclusive [1]. The spec defines valid characters as between 0x0021 and 0x007E inclusive [2]. This likely won't cause any functional issues due to 0x0020 being the space character. [1] - http://mxr.mozilla.org/mozilla-central/source/content/base/src/nsWebSocket.cpp#1060 [2] - http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-07 5.1.10 page 29
Assignee | ||
Comment 1•13 years ago
|
||
That's a good catch - that code is leftover from the -76 implementation when the space was legal. Unfortunately most of our tests use sub-protocols with spaces in them :(
Assignee: nobody → mcmanus
Summary: nsWebSocket::SetProtocol allowed characters off by one → nsWebSocket::SetProtocol allows U+0020
Assignee | ||
Comment 2•13 years ago
|
||
1] fixes issue 2] updates existing tests that accidentally violated that clause 3] adds new test that intentionally violates that clause (part of test-5)
Attachment #536653 -
Flags: review?(bsmith)
Assignee | ||
Updated•13 years ago
|
Attachment #536653 -
Flags: review?(bsmith) → review?(cbiesinger)
Comment 3•13 years ago
|
||
Comment on attachment 536653 [details] [diff] [review] no spaces 1 This looks good to me. Sorry I didn't review it earlier; for some reason I got no email about the review request.
Attachment #536653 -
Flags: review?(cbiesinger) → review+
Updated•13 years ago
|
Attachment #536653 -
Flags: review+
Assignee | ||
Updated•13 years ago
|
Whiteboard: [inbound]
Comment 4•13 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/53418bef40e9
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Whiteboard: [inbound]
Target Milestone: --- → mozilla7
You need to log in
before you can comment on or make changes to this bug.
Description
•