[webkit-reviews] review requested: [Bug 66588] XSS filter bypass via non-standard URL encoding : [Attachment 106296] Patch and layout tests
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Sep 4 16:37:33 PDT 2011
Daniel Bates <dbates at webkit.org> has asked for review:
Bug 66588: XSS filter bypass via non-standard URL encoding
https://bugs.webkit.org/show_bug.cgi?id=66588
Attachment 106296: Patch and layout tests
https://bugs.webkit.org/attachment.cgi?id=106296&action=review
------- Additional Comments from Daniel Bates <dbates at webkit.org>
Add more high-valued Unicode code points to test case
script-tag-with-16bit-unicode5.html (formerly named
script-tag-with-fancy-unicode5.html).
I renamed the test cases such that they have the suffix 16bit-unicode in their
name so as to more closely match the references to 16-bit Unicode escape
sequences in the code. I am open to suggestions. Should we decide to use this
suffix then we should rename the existing test case
script-tag-with-fancy-unicode.html for consistency.
Added an additional test case, window-open-without-url-should-not-assert.html,
to ensure we don't assert when opening a browser window without a URL using
window.open("") (verbatim).
More information about the webkit-reviews
mailing list