author | Josh Rickmar <jrick@devio.us> | 2012-08-23 13:00:31 -0400 |
---|---|---|
committer | Josh Rickmar <jrick@devio.us> | 2012-08-23 13:00:31 -0400 |
commit | 54dd137368f92cf303b1be02def5c53b23028217 (patch) | |
tree | d074f7ca81ca1d9e188c2bb9527ae3c6b7bdece1 | |
parent | 5eb53d180ff8ce67a1c3f022cffaca31c3e84ef7 (diff) | |
download | xombrero-54dd137368f92cf303b1be02def5c53b23028217.tar.gz |
Only allow loading of whitelisted valid uri types
This should prevent bait-and-switch attacks when using data: or javascript: URIs (see http://lcamtuf.coredump.cx/switch/ for an example of the attack).
-rw-r--r-- | xombrero.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/xombrero.c b/xombrero.c
index 2fa0ad5..f49db15 100644
--- a/xombrero.c
+++ b/xombrero.c
@@ -4834,6 +4834,12 @@ webview_npd_cb(WebKitWebView *wv, WebKitWebFrame *wf,
 uri = (char *)webkit_network_request_get_uri(request);
+ if (valid_url_type(uri)) {
+ show_oops(t, "Stopping attempt to load an invalid URI (possible"
+ " bait and switch attack)");
+ return (TRUE);
+ }
+
 /* clear t->item, except if we're switching to an about: page */
 if (t->item && !g_str_has_prefix(uri, "xxxt://")) {
 g_object_unref(t->item); |
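Review bot: The new guard `if (valid_url_type(uri))` reads as "if the URI is valid, refuse it", so the return convention of valid_url_type(), which is defined outside this hunk, should be stated at the call site; presumably it returns non-zero for a scheme that is not on the whitelist, which is what the commit message describes. A one-line comment such as `/* valid_url_type() returns non-zero when the scheme is not whitelisted */` above the check would keep the next reader from inverting it. Since this is the only place the navigation policy is enforced, it is also worth confirming that the whitelist comparison is case-insensitive and anchored at the start of the string (URI scheme names are case-insensitive, so `JavaScript:` must be treated like `javascript:`), and that uri cannot be NULL when it reaches the check. webview_npd_cb begins and ends outside the hunk.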