authormmenke <mmenke@chromium.org>2016-03-23 11:08:17 -0700
committerCommit bot <commit-bot@chromium.org>2016-03-23 18:10:07 +0000
commitfb798389802bd344ccd6594ec0b734c933e5a1d1 (patch)
treed3813aeebfcedf32af74c5f289734c946de28fcd
parenta9415b6fd69350e6410726008c0843ee690baade (diff)
Remove UnescapeRule::URL_SPECIAL_CHARS from components/
We're removing this, in favor of PATH_SEPARATORS and URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS, to reduce the risk of security issues when unescaping, going forward. All the remaining uses of URL_SPECIAL_CHARS in components/ look safe, so this CL replaces URL_SPECIAL_CHARS with both the new values, maintaining old behavior, except in affiliation_utils.cc, where the behavior clearly serves no purpose, and adding both flags would be confusing. BUG=589257 Review URL: https://codereview.chromium.org/1765993002 Cr-Commit-Position: refs/heads/master@{#382881}
-rw-r--r--components/auto_login_parser/auto_login_parser.cc6
-rw-r--r--components/bookmarks/browser/bookmark_utils.cc5
-rw-r--r--components/drive/service/fake_drive_service.cc14
-rw-r--r--components/password_manager/core/browser/affiliation_utils.cc6
-rw-r--r--components/policy/core/common/cloud/device_management_service_unittest.cc20
-rw-r--r--components/signin/core/browser/signin_header_helper.cc7
-rw-r--r--components/url_formatter/url_fixer.cc6
7 files changed, 37 insertions, 27 deletions
diff --git a/components/auto_login_parser/auto_login_parser.cc b/components/auto_login_parser/auto_login_parser.cc
index 38fc633..8f3c725 100644
--- a/components/auto_login_parser/auto_login_parser.cc
+++ b/components/auto_login_parser/auto_login_parser.cc
@@ -54,8 +54,10 @@ bool ParseHeader(const std::string& header,
++it) {
const std::string& key = it->first;
const std::string& value = it->second;
- std::string unescaped_value(
- net::UnescapeURLComponent(value, net::UnescapeRule::URL_SPECIAL_CHARS));
+ std::string unescaped_value(net::UnescapeURLComponent(
+ value,
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS));
if (key == "realm") {
if (!MatchRealm(unescaped_value, realm_restriction))
return false;
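Review bot: Nothing at this call records why decoding `%2F` and `%5C` in an auto-login header value is acceptable, which is the question the split flags exist to force at each call site. The visible use only compares the realm through MatchRealm(), which looks harmless, but the other keys are handled outside the hunk and should be confirmed. A one-line comment above the call, for example `// Values are only compared or stored as strings, never used as paths or re-parsed as URLs.`, would keep the audit result next to the code. The same applies to the mechanically converted calls in signin_header_helper.cc (ParseMirrorResponseHeader) and fake_drive_service.cc.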
diff --git a/components/bookmarks/browser/bookmark_utils.cc b/components/bookmarks/browser/bookmark_utils.cc
index 0735df8..164e907 100644
--- a/components/bookmarks/browser/bookmark_utils.cc
+++ b/components/bookmarks/browser/bookmark_utils.cc
@@ -527,8 +527,9 @@ base::string16 CleanUpUrlForMatching(
return base::i18n::ToLower(url_formatter::FormatUrlWithAdjustments(
GURL(TruncateUrl(gurl.spec())), languages,
url_formatter::kFormatUrlOmitUsernamePassword,
- net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS, NULL,
- NULL, adjustments ? adjustments : &tmp_adjustments));
+ net::UnescapeRule::SPACES | net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS,
+ nullptr, nullptr, adjustments ? adjustments : &tmp_adjustments));
}
base::string16 CleanUpTitleForMatching(const base::string16& title) {
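Review bot: The string returned here is not equivalent to the source URL, because PATH_SEPARATORS is applied to a whole spec and an escaped `%2F` inside a path segment or query comes back as a real `/`. That is acceptable for a lower-cased match key, which is what the function name suggests, but nothing in the visible code warns against re-parsing or displaying the result. Suggest adding above the return `// Lossy: for substring matching only; do not re-parse or display the result as a URL.` The start of CleanUpUrlForMatching is outside the hunk.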
diff --git a/components/drive/service/fake_drive_service.cc b/components/drive/service/fake_drive_service.cc
index 3d2c30a..97bc9d8 100644
--- a/components/drive/service/fake_drive_service.cc
+++ b/components/drive/service/fake_drive_service.cc
@@ -500,13 +500,15 @@ CancelCallback FakeDriveService::GetRemainingChangeList(
if (parameters[i].first == "changestamp") {
base::StringToInt64(parameters[i].second, &start_changestamp);
} else if (parameters[i].first == "q") {
- search_query =
- net::UnescapeURLComponent(parameters[i].second,
- net::UnescapeRule::URL_SPECIAL_CHARS);
+ search_query = net::UnescapeURLComponent(
+ parameters[i].second,
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS);
} else if (parameters[i].first == "parent") {
- directory_resource_id =
- net::UnescapeURLComponent(parameters[i].second,
- net::UnescapeRule::URL_SPECIAL_CHARS);
+ directory_resource_id = net::UnescapeURLComponent(
+ parameters[i].second,
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS);
} else if (parameters[i].first == "start-offset") {
base::StringToInt(parameters[i].second, &start_offset);
} else if (parameters[i].first == "max-results") {
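Review bot: The two-flag mask is spelled out twice in this else-if chain, at the `q` and `parent` branches, so a later edit to one copy can silently diverge from the other. A local constant declared before the loop, `const net::UnescapeRule::Type kUnescapeRules = net::UnescapeRule::PATH_SEPARATORS | net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS;`, passed to both calls would keep them in step. device_management_service_unittest.cc has the same duplication, with its five-flag mask repeated for the parameter name and value. The enclosing function starts and ends outside the hunk.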
diff --git a/components/password_manager/core/browser/affiliation_utils.cc b/components/password_manager/core/browser/affiliation_utils.cc
index b76d782..ddc2575 100644
--- a/components/password_manager/core/browser/affiliation_utils.cc
+++ b/components/password_manager/core/browser/affiliation_utils.cc
@@ -94,9 +94,11 @@ bool CanonicalizeHashComponent(const base::StringPiece& input_hash,
// safe" base64 alphabet; plus the padding ('=').
const char kBase64NonAlphanumericChars[] = "-_=";
- // We need net::UnescapeRule::URL_SPECIAL_CHARS to unescape the padding ('=').
+ // We need net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS to
+ // unescape the padding ('=').
std::string base64_encoded_hash = net::UnescapeURLComponent(
- input_hash.as_string(), net::UnescapeRule::URL_SPECIAL_CHARS);
+ input_hash.as_string(),
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS);
if (!base64_encoded_hash.empty() &&
CanonicalizeBase64Padding(&base64_encoded_hash) &&
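Review bot: This is the one call whose behaviour changes, since `%2F` and `%5C` in the hash component now stay escaped, yet the diffstat lists no accompanying test change for affiliation_utils. Whether such input is still rejected depends on the alphabet check that follows, which is only partly visible in this hunk. A unit-test case asserting that a hash containing `%2F` fails canonicalization would pin the new behaviour down. The rule also still decodes more than the `=` the comment mentions, so the comment could add that any other decoded character is expected to be rejected by the base64 alphabet check, if that is what the rest of the function does.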
diff --git a/components/policy/core/common/cloud/device_management_service_unittest.cc b/components/policy/core/common/cloud/device_management_service_unittest.cc
index 7d3704b..5857a45 100644
--- a/components/policy/core/common/cloud/device_management_service_unittest.cc
+++ b/components/policy/core/common/cloud/device_management_service_unittest.cc
@@ -336,22 +336,22 @@ class QueryParams {
for (ParamMap::const_iterator i(params_.begin()); i != params_.end(); ++i) {
std::string unescaped_name(net::UnescapeURLComponent(
i->first,
- net::UnescapeRule::NORMAL |
- net::UnescapeRule::SPACES |
- net::UnescapeRule::URL_SPECIAL_CHARS |
- net::UnescapeRule::SPOOFING_AND_CONTROL_CHARS |
- net::UnescapeRule::REPLACE_PLUS_WITH_SPACE));
+ net::UnescapeRule::NORMAL | net::UnescapeRule::SPACES |
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS |
+ net::UnescapeRule::SPOOFING_AND_CONTROL_CHARS |
+ net::UnescapeRule::REPLACE_PLUS_WITH_SPACE));
if (unescaped_name == name) {
if (found)
return false;
found = true;
std::string unescaped_value(net::UnescapeURLComponent(
i->second,
- net::UnescapeRule::NORMAL |
- net::UnescapeRule::SPACES |
- net::UnescapeRule::URL_SPECIAL_CHARS |
- net::UnescapeRule::SPOOFING_AND_CONTROL_CHARS |
- net::UnescapeRule::REPLACE_PLUS_WITH_SPACE));
+ net::UnescapeRule::NORMAL | net::UnescapeRule::SPACES |
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS |
+ net::UnescapeRule::SPOOFING_AND_CONTROL_CHARS |
+ net::UnescapeRule::REPLACE_PLUS_WITH_SPACE));
if (unescaped_value != expected_value)
return false;
}
diff --git a/components/signin/core/browser/signin_header_helper.cc b/components/signin/core/browser/signin_header_helper.cc
index 319b6f8..578cb58 100644
--- a/components/signin/core/browser/signin_header_helper.cc
+++ b/components/signin/core/browser/signin_header_helper.cc
@@ -78,9 +78,10 @@ MirrorResponseHeaderDictionary ParseMirrorResponseHeader(
DLOG(WARNING) << "Unexpected GAIA header field '" << field << "'.";
continue;
}
- dictionary[field.substr(0, delim).as_string()] =
- net::UnescapeURLComponent(field.substr(delim + 1).as_string(),
- net::UnescapeRule::URL_SPECIAL_CHARS);
+ dictionary[field.substr(0, delim).as_string()] = net::UnescapeURLComponent(
+ field.substr(delim + 1).as_string(),
+ net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS);
}
return dictionary;
}
diff --git a/components/url_formatter/url_fixer.cc b/components/url_formatter/url_fixer.cc
index 919a38d..54ff17f 100644
--- a/components/url_formatter/url_fixer.cc
+++ b/components/url_formatter/url_fixer.cc
@@ -620,11 +620,13 @@ GURL FixupRelativeFile(const base::FilePath& base_dir,
#if defined(OS_WIN)
std::wstring unescaped = base::UTF8ToWide(net::UnescapeURLComponent(
base::WideToUTF8(trimmed),
- net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS));
+ net::UnescapeRule::SPACES | net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS));
#elif defined(OS_POSIX)
std::string unescaped = net::UnescapeURLComponent(
trimmed,
- net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS);
+ net::UnescapeRule::SPACES | net::UnescapeRule::PATH_SEPARATORS |
+ net::UnescapeRule::URL_SPECIAL_CHARS_EXCEPT_PATH_SEPARATORS);
#endif
if (!ValidPathForFile(unescaped, &full_path))
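Review bot: `unescaped` goes straight into ValidPathForFile() on the last line of the hunk, which is exactly the use that PATH_SEPARATORS is meant to draw attention to: an escaped `%2F` or `%5C` in the input becomes a directory separator before the path is resolved. If the input only ever comes from a source already trusted to name files, such as the command line (not visible here), literal separators are accepted anyway and nothing new becomes reachable, but that reasoning should be written down. Suggest a comment above the `#if`: `// |trimmed| is a user-supplied relative path, so decoding path separators grants nothing that literal separators would not.` If any caller passes less trusted text, dropping PATH_SEPARATORS from both branches is the safer choice. FixupRelativeFile begins before and continues after the hunk.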