mirror of
https://github.com/servo/servo
synced 2026-05-09 00:22:16 +02:00
Prevent injection vulnerability in image page

This is taking up nox' suggestion from #12542 and creates an img element using Rust code instead of escaping the URL. I will look at the neterror.html URL strings separately, we might do those in a similar way.

To reproduce, visit e.g. the following URL with your vulnerable Servo:

```
https://servo.org/screenshot.png?'onload='document.body.innerHTML=`hacked`'
```

---

- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #12542
- [x] These changes do not require tests because this is just fixing up existing behavior and I'm not sure how to test it

r?@jdm
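The two patterns the PR contrasts, as an added example that is not Servo's code: the reproduction URL from the description is spliced into an `<img>` start tag the old way, and a minimal attribute scanner (a hypothetical stand-in for the HTML tokenizer) shows a second `onload` attribute appearing; building the element as structured data, which is what creating it through the DOM API achieves, keeps the whole URL as the single `src` value.

```rust
// Added illustration of the bug class this PR fixes; not Servo's code.
use std::collections::BTreeMap;

/// The reproduction URL from the PR description.
const REPRO_URL: &str =
    "https://servo.org/screenshot.png?'onload='document.body.innerHTML=`hacked`'";

/// Vulnerable pattern: a quote inside the spliced URL closes src and starts a new attribute.
fn vulnerable_img_markup(url: &str) -> String {
    format!("<img src='{}'>", url)
}

/// Stand-in for building the element through a DOM API (hypothetical, not
/// Servo's type): the URL becomes one attribute value and is never re-tokenized.
fn build_img(url: &str) -> BTreeMap<&'static str, String> {
    let mut attrs = BTreeMap::new();
    attrs.insert("src", url.to_string());
    attrs
}

/// Minimal start-tag attribute scanner, enough to show what a parser sees.
fn attribute_names(markup: &str) -> Vec<String> {
    let c: Vec<char> = markup.trim_matches(|ch: char| ch == '<' || ch == '>').chars().collect();
    let (mut i, mut names) = (0, Vec::new());
    while i < c.len() && !c[i].is_whitespace() { i += 1; } // skip the tag name
    while i < c.len() {
        if !c[i].is_ascii_alphanumeric() { i += 1; continue; } // whitespace or stray quote
        let start = i;
        while i < c.len() && (c[i].is_ascii_alphanumeric() || c[i] == '-') { i += 1; }
        names.push(c[start..i].iter().collect());
        while i < c.len() && c[i].is_whitespace() { i += 1; }
        if i < c.len() && c[i] == '=' {
            i += 1;
            while i < c.len() && c[i].is_whitespace() { i += 1; }
            if i < c.len() && (c[i] == '\'' || c[i] == '"') {
                let q = c[i]; i += 1;
                while i < c.len() && c[i] != q { i += 1; }
                i += 1; // step past the closing quote
            } else {
                while i < c.len() && !c[i].is_whitespace() { i += 1; }
            }
        }
    }
    names
}

fn main() {
    println!("spliced markup: {:?}", attribute_names(&vulnerable_img_markup(REPRO_URL)));
    println!("DOM-built:      {:?}", build_img(REPRO_URL).keys().collect::<Vec<_>>());
}
```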