[webkit-reviews] review granted: [Bug 66585] XSS filter bypass via document.write(location.href) and fragments : [Attachment 105811] Patch from prev attachment with corrected indent style.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 31 12:28:37 PDT 2011
Adam Barth <abarth at webkit.org> has granted Thomas Sepez <tsepez at chromium.org>'s
request for review:
Bug 66585: XSS filter bypass via document.write(location.href) and fragments
https://bugs.webkit.org/show_bug.cgi?id=66585
Attachment 105811: Patch from prev attachment with corrected indent style.
https://bugs.webkit.org/attachment.cgi?id=105811&action=review
------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=105811&action=review
> Source/WebCore/html/parser/XSSAuditor.cpp:125
> + } while (workingString.length() < workingLength);
After this program point, workingLength no longer reflects the length of
workingString. That's fine, but slightly confusing. Maybe add a comment? (Or
maybe it's not worth worrying about.)
More information about the webkit-reviews
mailing list