C0 controls could appear in the middle of a URL

RESOLVED FIXED in Firefox 49

Status

()

RESOLVED FIXED
3 years ago
2 years ago

People

(Reporter: 446240525, Assigned: valentin)

Tracking

(Blocks: 1 bug)

unspecified
mozilla49
Points:
---

Firefox Tracking Flags

(firefox49 fixed)

Details

(Whiteboard: [necko-active] btpp-active)

Attachments

(1 attachment)

(Reporter)

Description

3 years ago
> location.href="https://bugzilla.mozilla.org/?foo=\0&bar=\1"
Exception: "The URI is malformed"  // \1 should be stripped and \0 should be escaped to %00

and same for:

location.assign("http\0://fo\0o.b\0ar/pa\0th#ha\0sh")
location.search="?foo=\0&bar=\1"

etc...

Updated

3 years ago
Blocks: 906714
(Assignee)

Updated

3 years ago
Assignee: nobody → valentin.gosu
Whiteboard: [necko-active]
Whiteboard: [necko-active] → [necko-active] btpp-active
(Assignee)

Comment 1

2 years ago
Anne,
From what I can tell, C0&space are still not allowed in the scheme and host.
As of now, we enforce that we encode all C0 characters&space (except \r\n\t which are stripped) in the path, query and hash, the other exception being \0 - which we can't allow at the moment, since some of our API's still use C null-terminated strings.
Is this OK?
Flags: needinfo?(annevk)

Comment 2

2 years ago
I think the \0 behavior is broken (I believe most other user agents handle it fine), but the rest sounds like it matches the specification, yes.
Flags: needinfo?(annevk)

Comment 3

2 years ago
Wasn't baku just fixing this kind of cases in some other bug? Or perhaps this is some different variant of it.
(In reply to Olli Pettay [:smaug] from comment #3)
> Wasn't baku just fixing this kind of cases in some other bug? Or perhaps
> this is some different variant of it.

Similar thing in form submission. See bug 1272298.
(Assignee)

Comment 5

2 years ago
Created attachment 8754425 [details] [diff] [review]
Encode C0 controls in path, query and hash

MozReview-Commit-ID: 1zGRjVmAWts
Attachment #8754425 - Flags: review?(mcmanus)
Attachment #8754425 - Flags: review?(mcmanus) → review+

Comment 10

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/f8cb3324570e
Status: NEW → RESOLVED
Last Resolved: 2 years ago
status-firefox49: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49
You need to log in before you can comment on or make changes to this bug.