Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #7701: additional check for http/https protocols to fix unsafe he… #7803

Merged
merged 1 commit into from
Nov 14, 2016
Merged

Fix #7701: additional check for http/https protocols to fix unsafe he… #7803

merged 1 commit into from
Nov 14, 2016

Conversation

mukulmishra18
Copy link
Contributor

…ader request.

Snuffleupagus
Snuffleupagus requested changes Nov 13, 2016
View reviewed changes
src/core/network.js
@@ -377,6 +377,10 @@ if (typeof PDFJSDev !== 'undefined' && PDFJSDev.test('FIREFOX || MOZCENTRAL')) {
var networkManager = this._manager;
var fullRequestXhrId = this._fullRequestId;
var fullRequestXhr = networkManager.getRequestXhr(fullRequestXhrId);
if (networkManager.isHttp) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hasn't this condition accidentally become inverted!?
As far as I understand, we want to prevent issues when the request is not http or https, and this condition actually does the opposite!
So, I'd assume that you mean:

if (!networkManager.isHttp) {
  return false;
}

Also, let's move this code block up to just after the var networkManager = this._manager; line instead.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh sorry, i accidentally missed '!'.

Also, let's move this code block up to just after the var networkManager = this._manager; line instead.

Okay, i will fix that, Thanks.

src/core/network.js
if (networkManager.isHttp) {
return false;
}

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Please remove trailing whitespace.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, Please find the PR below. Thanks for your review.

Snuffleupagus
Snuffleupagus reviewed Nov 13, 2016
View reviewed changes
Copy link
Collaborator

@Snuffleupagus Snuffleupagus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please squash the commits, see https://github.com/mozilla/pdf.js/wiki/Squashing-Commits.

@mukulmishra18
Fix mozilla#7701: additional check for http/https protocols to fix un…
6ce2be9 
…safe header request.

add missing ! and removed trailing whitespaces.
@mukulmishra18
Copy link
Contributor Author

@Snuffleupagus, sorry for that, i am a beginner, and thanks for your advice. I will take care of that from now. Please guide me if i am making any mistake. ThankYou

@Snuffleupagus
Copy link
Collaborator

/botio test

@pdfjsbot
Copy link

From: Bot.io (Linux)

Received

Command cmd_test from @Snuffleupagus received. Current queue size: 0

Live output at: http://107.21.233.14:8877/e690a8949e28b0c/output.txt

@pdfjsbot
Copy link

From: Bot.io (Windows)

Received

Command cmd_test from @Snuffleupagus received. Current queue size: 0

Live output at: http://107.22.172.223:8877/9f556839494fe20/output.txt

@pdfjsbot
Copy link

From: Bot.io (Windows)

Success

Full output at http://107.22.172.223:8877/9f556839494fe20/output.txt

Total script time: 26.01 mins

  • Font tests: Passed
  • Unit tests: Passed
  • Regression tests: Passed

@pdfjsbot
Copy link

From: Bot.io (Linux)

Success

Full output at http://107.21.233.14:8877/e690a8949e28b0c/output.txt

Total script time: 38.62 mins

  • Font tests: Passed
  • Unit tests: Passed
  • Regression tests: Passed

@Snuffleupagus
Copy link
Collaborator

sorry for that, I am a beginner, and thanks for your advice. I will take care of that from now.

No worries! For future reference, https://github.com/mozilla/pdf.js/wiki/Contributing contains a lot of useful resources/information about the contribution work flow.

Thank you for the patch!

@Snuffleupagus Snuffleupagus merged commit 7f6a607 into mozilla:master Nov 14, 2016
movsb pushed a commit to movsb/pdf.js that referenced this pull request Jul 14, 2018
@Snuffleupagus
Merge pull request mozilla#7803 from mukulmishra18/master
08eb091 
Fix mozilla#7701: additional check for http/https protocols to fix unsafe he…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Snuffleupagus Snuffleupagus Snuffleupagus approved these changes

Assignees
No one assigned
Labels
core
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@mukulmishra18 @Snuffleupagus @pdfjsbot @yurydelendik @timvandermeij