[webkit-reviews] review granted: [Bug 45377] Errors in LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html : [Attachment 66866] Fix for the bug
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Sep 8 03:46:05 PDT 2010
Adam Barth <abarth at webkit.org> has granted Sergio Villar Senin
<svillar at igalia.com>'s request for review:
Bug 45377: Errors in
LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
https://bugs.webkit.org/show_bug.cgi?id=45377
Attachment 66866: Fix for the bug
https://bugs.webkit.org/attachment.cgi?id=66866&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context:
https://bugs.webkit.org/attachment.cgi?id=66866&action=prettypatch
Please add more detail to the ChangeLog before landing.
> LayoutTests/ChangeLog:7
> + Errors in
LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
> + https://bugs.webkit.org/show_bug.cgi?id=45377
> +
It would be better if your ChangeLog explains what problem this patch solves.
"Errors" is a pretty general problem. You explained it to me over IRC, but
someone reading this ChangeLog will be pretty mystified.
> LayoutTests/http/tests/security/resources/send-mime-types.php:2
> - $mime_type = urldecode($_GET["mt"]);
> + $mime_type = $_GET["mt"];
Yeah, the old code is pretty confused, huh?
> LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html:19
> - ifr.src =
"http://localhost:8000/security/resources/send-mime-types.php?mt=" +
escape(mime_types[i]);
> + ifr.src =
"http://localhost:8000/security/resources/send-mime-types.php?mt=" +
encodeURIComponent(mime_types[i]);
Did this change actually make a difference? It seems like the other change is
probably the operative one.
More information about the webkit-reviews
mailing list