[webkit-reviews] review requested: [Bug 66588] XSS filter bypass via non-standard URL encoding : [Attachment 106296] Patch and layout tests

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Sep 4 16:37:33 PDT 2011

Daniel Bates <dbates at webkit.org> has asked  for review:
Bug 66588: XSS filter bypass via non-standard URL encoding

Attachment 106296: Patch and layout tests

------- Additional Comments from Daniel Bates <dbates at webkit.org>
Add more high-valued Unicode code points to test case
script-tag-with-16bit-unicode5.html (formerly named

I renamed the test cases such that they have the suffix 16bit-unicode in their
name so as to more closely match the references to 16-bit Unicode escape
sequences in the code. I am open to suggestions. Should we decide to use this
suffix then we should rename the existing test case
script-tag-with-fancy-unicode.html for consistency.

Added an additional test case, window-open-without-url-should-not-assert.html,
to ensure we don't assert when opening a browser window without a URL using
window.open("") (verbatim).

More information about the webkit-reviews mailing list