[webkit-reviews] review denied: [Bug 26708] XSSAuditor false negatives : [Attachment 31973] Updated patch with tests.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Jun 27 08:56:41 PDT 2009
Adam Barth <abarth at webkit.org> has denied Daniel Bates <dbates at berkeley.edu>'s
request for review:
Bug 26708: XSSAuditor false negatives
https://bugs.webkit.org/show_bug.cgi?id=26708
Attachment 31973: Updated patch with tests.
https://bugs.webkit.org/attachment.cgi?id=31973&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
This looks great except for the HTML entities part. That code really shouldn't
be in the XSSAuditor. It should be shared with the parser. Can you post a
version of the patch without the HTML entities fix? That way we can get the
other issues squared away and focus on the right HTML entities patch.
More information about the webkit-reviews
mailing list