257987 – Validate URL strings in notificationPermissions() callback

Bug 257987 - Validate URL strings in notificationPermissions() callback

Summary: Validate URL strings in notificationPermissions() callback

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	Safari 16
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Brady Eidson

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2023-06-12 15:50 PDT by Brady Eidson
Modified:	2023-06-12 17:02 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brady Eidson 2023-06-12 15:50:46 PDT

Validate URL strings in notificationPermissions() callback

Client might pass one back that can't parse to a security origin. Skip those.

rdar://110594888

Comment 1 Brady Eidson 2023-06-12 16:01:45 PDT

Pull request: https://github.com/WebKit/WebKit/pull/14896

Comment 2 EWS 2023-06-12 17:02:47 PDT

Committed 265092@main (9b41fc1d2882): <https://commits.webkit.org/265092@main>

Reviewed commits have been landed. Closing PR #14896 and removing active labels.