Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge r185003 - WebSQL default functions can bypass authorizer.
<rdar://problem/21048994> and https://bugs.webkit.org/show_bug.cgi?id=145463 Reviewed by Sam Weinig and Alexey Proskuryakov. No new tests yet. * platform/sql/SQLiteDatabase.cpp: (WebCore::unauthorizedSQLFunction): Function to install into SQLite to override some built-in functions. (WebCore::SQLiteDatabase::open): (WebCore::SQLiteDatabase::overrideUnauthorizedFunctions): Install function overrides for functions that take arbitrary input that are also meant to be disabled by virtue of them not being whitelisted. * platform/sql/SQLiteDatabase.h:
- Loading branch information
1 parent
6bea461
commit fd3a1ca
Showing
3 changed files
with
44 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters