-
elawrence authored
The canonicalization of the path component of mailto urls is too lax, leading to information disclosure and possible command injection attacks against mail clients. To fix this, we percent-encode more characters in the path component of mailto urls, matching other Firefox/IE/Edge. The original land of this patch (via 2817213002) omitted an update to layout tests. BUG=711020 TEST=url_unittests,run-webkit-tests fast/url Review-Url: https://codereview.chromium.org/2820373002 Cr-Commit-Position: refs/heads/master@{#465357}
d7548509