commit | 484ff36cdcb8dcf5efa999a471d1d509c0a8a5f2 | [log] [tgz] |
---|---|---|
author | elawrence <elawrence@chromium.org> | Mon Apr 17 22:39:49 2017 |
committer | Commit bot <commit-bot@chromium.org> | Mon Apr 17 22:39:49 2017 |
tree | 0112492428171edd1b2a601467c741c6d0cdf880 | |
parent | dbfea6ff41a33e73312113c90f055ce7ac35ba1d [diff] |
Improve canonicalization of mailto url path components The canonicalization of the path component of mailto urls is too lax, leading to information disclosure and possible command injection attacks against mail clients. To fix this, we will percent-encode more characters in the path component of mailto urls, matching other browsers. BUG=711020 TEST=url_unittests Review-Url: https://codereview.chromium.org/2817213002 Cr-Commit-Position: refs/heads/master@{#465046}