summaryrefslogtreecommitdiff
path: root/Userland/Libraries/LibWeb
diff options
context:
space:
mode:
Diffstat (limited to 'Userland/Libraries/LibWeb')
-rw-r--r--Userland/Libraries/LibWeb/Bindings/WindowObject.cpp6
-rw-r--r--Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp14
2 files changed, 16 insertions, 4 deletions
diff --git a/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp b/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
index c2073534b2..3de8c06233 100644
--- a/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
+++ b/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
@@ -386,11 +386,15 @@ JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::atob)
}
auto string = TRY_OR_DISCARD(vm.argument(0).to_string(global_object));
auto decoded = decode_base64(StringView(string));
+ if (!decoded.has_value()) {
+ vm.throw_exception<JS::TypeError>(global_object, JS::ErrorType::InvalidFormat, "Base64");
+ return {};
+ }
// decode_base64() returns a byte string. LibJS uses UTF-8 for strings. Use Latin1Decoder to convert bytes 128-255 to UTF-8.
auto decoder = TextCodec::decoder_for("windows-1252");
VERIFY(decoder);
- return JS::js_string(vm, decoder->to_utf8(decoded));
+ return JS::js_string(vm, decoder->to_utf8(decoded.value()));
}
JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::btoa)
diff --git a/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp b/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
index 02ba6d19b0..1c2bb06208 100644
--- a/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
+++ b/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
@@ -153,10 +153,18 @@ void ResourceLoader::load(LoadRequest& request, Function<void(ReadonlyBytes, con
url.data_payload());
ByteBuffer data;
- if (url.data_payload_is_base64())
- data = decode_base64(url.data_payload());
- else
+ if (url.data_payload_is_base64()) {
+ auto data_maybe = decode_base64(url.data_payload());
+ if (!data_maybe.has_value()) {
+ auto error_message = "Base64 data contains an invalid character"sv;
+ log_failure(request, error_message);
+ error_callback(error_message, {});
+ return;
+ }
+ data = data_maybe.value();
+ } else {
data = url.data_payload().to_byte_buffer();
+ }
log_success(request);
deferred_invoke([data = move(data), success_callback = move(success_callback)] {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 08:17:58 +0000