Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-58155

QWebEngineDownloadItem::path() is percent-encoded

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.9.0 Beta 2
    • 5.7.1
    • WebEngine
    • None

    Description

      When downloading a file named "foo bar" from a server, QWebEngineDownloadItem::path() ends with "foo%20bar". Meanwhile, Chromium/Firefox save that file as "foo bar".

      When a server sends a Content-Disposition header with filename=foo%20bar, this should be saved as "foo%20bar", and the path is also "foo%20bar" - that means when attempting to percent-decode the value we got, a website can write arbitary files by passing a filename like "..%2F.profile" (which is what happened with at least two QtWebEngine projects).

      Attachments

        For Gerrit Dashboard: QTBUG-58155
        # Subject Branch Project Status CR V
        182490,2 QWebEngineDownloadItem::path() should not be percentage encoded 5.8 qt/qtwebengine Status: MERGED +2 0

        Activity

          People

            allan.jensen Allan Sandfeld Jensen
            the compiler Florian Bruhin
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes