From deca7f739932b6ad58097989a71b3639e72e5f21 Mon Sep 17 00:00:00 2001
From: David Rosca <nowrep@gmail.com>
Date: Sun, 28 Jan 2018 15:45:54 +0100
Subject: [PATCH] LocationBar: Also whitelist data: scheme for loading urls

---
 autotests/locationbartest.cpp      | 25 +++++++++++++++++++++++--
 autotests/locationbartest.h        |  1 +
 src/lib/navigation/locationbar.cpp |  2 +-
 3 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/autotests/locationbartest.cpp b/autotests/locationbartest.cpp
index b24d38b48..dc38e7ee3 100644
--- a/autotests/locationbartest.cpp
+++ b/autotests/locationbartest.cpp
@@ -74,9 +74,9 @@ void LocationBarTest::loadActionBasicTest()
     action = LocationBar::loadAction("not url with spaces");
     QCOMPARE(action.type, LocationBar::LoadAction::Search);
 
-    action = LocationBar::loadAction("qupzilla:about");
+    action = LocationBar::loadAction("falkon:about");
     QCOMPARE(action.type, LocationBar::LoadAction::Url);
-    QCOMPARE(action.loadRequest.url(), QUrl("qupzilla:about"));
+    QCOMPARE(action.loadRequest.url(), QUrl("falkon:about"));
 }
 
 void LocationBarTest::loadActionBookmarksTest()
@@ -152,4 +152,25 @@ void LocationBarTest::loadAction_kdebug389491()
     QCOMPARE(action.loadRequest.url(), QUrl("http://website.com?search=searchterm and another"));
 }
 
+void LocationBarTest::loadActionSpecialSchemesTest()
+{
+    LocationBar::LoadAction action;
+
+    action = LocationBar::loadAction("data:image/png;base64,xxxxx");
+    QCOMPARE(action.type, LocationBar::LoadAction::Url);
+    QCOMPARE(action.loadRequest.url(), QUrl("data:image/png;base64,xxxxx"));
+
+    action = LocationBar::loadAction("falkon:about");
+    QCOMPARE(action.type, LocationBar::LoadAction::Url);
+    QCOMPARE(action.loadRequest.url(), QUrl("falkon:about"));
+
+    action = LocationBar::loadAction("file:test.html");
+    QCOMPARE(action.type, LocationBar::LoadAction::Url);
+    QCOMPARE(action.loadRequest.url(), QUrl("file:test.html"));
+
+    action = LocationBar::loadAction("about:blank");
+    QCOMPARE(action.type, LocationBar::LoadAction::Url);
+    QCOMPARE(action.loadRequest.url(), QUrl("about:blank"));
+}
+
 FALKONTEST_MAIN(LocationBarTest)
diff --git a/autotests/locationbartest.h b/autotests/locationbartest.h
index 5c83107e4..3b27e35e2 100644
--- a/autotests/locationbartest.h
+++ b/autotests/locationbartest.h
@@ -32,4 +32,5 @@ private slots:
     void loadActionBookmarksTest();
     void loadActionSearchTest();
     void loadAction_kdebug389491();
+    void loadActionSpecialSchemesTest();
 };
diff --git a/src/lib/navigation/locationbar.cpp b/src/lib/navigation/locationbar.cpp
index aabd7c24b..1ee069175 100644
--- a/src/lib/navigation/locationbar.cpp
+++ b/src/lib/navigation/locationbar.cpp
@@ -269,7 +269,7 @@ LocationBar::LoadAction LocationBar::loadAction(const QString &text)
             // Only allow whitelisted schemes
             const QSet<QString> whitelistedSchemes = {
                 QSL("http"), QSL("https"), QSL("ftp"), QSL("file"),
-                QSL("about"), QSL("qupzilla")
+                QSL("data"), QSL("about"), QSL("falkon")
             };
             if (whitelistedSchemes.contains(guessedUrl.scheme())) {
                 action.type = LoadAction::Url;