From b098824eec611578330c4df3756dab9c48f33686 Mon Sep 17 00:00:00 2001
From: "inferno@chromium.org"
 <inferno@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 1 Apr 2010 22:41:34 +0000
Subject: Patch the XSS in Net-internal viewcache by html encoding "key"

BUG=40137
Test=None
Review URL: http://codereview.chromium.org/1543009

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43398 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/url_request/view_cache_helper.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'net/url_request')

diff --git a/net/url_request/view_cache_helper.cc b/net/url_request/view_cache_helper.cc
index b818ba5..2f19529 100644
--- a/net/url_request/view_cache_helper.cc
+++ b/net/url_request/view_cache_helper.cc
@@ -163,7 +163,7 @@ void ViewCacheHelper::GetEntryInfoHTML(const std::string& key,
       data->assign(FormatEntryDetails(entry));
       entry->Close();
     } else {
-      data->assign("no matching cache entry for: " + key);
+      data->assign("no matching cache entry for: " + EscapeForHTML(key));
     }
   }
 }
-- 
cgit v1.1