namespace content {
namespace {
+
+const size_t kMaxPageURLLenForFaviconDatabase = 1024;
+
typedef network::mojom::ContentSecurityPolicyType SecurityPolicyType;
static_assert(static_cast<int>(SecurityPolicyType::kReport) ==
if (favicon->icon_type == blink::mojom::FaviconIconType::kFavicon) {
NavigationEntry* entry = web_contents_.GetController().GetVisibleEntry();
- if (!entry)
+ /* Limit the length(<= 1024) and scheme(exclude data scheme) of pageurl in
+ * favicon database */
+ if (!entry || entry->GetURL().SchemeIs(url::kDataScheme) ||
+ entry->GetURL().possibly_invalid_spec().length() >
+ kMaxPageURLLenForFaviconDatabase)
return;
entry->GetFavicon().url = favicon->icon_url;
entry->GetFavicon().valid = true;
-
// check/update the url and favicon url in favicon database
FaviconDatabase::Instance()->SetFaviconURLForPageURL(favicon->icon_url,
entry->GetURL());
projects / platform / framework / web / chromium-efl.git / commitdiff