[webkit-reviews] review requested: [Bug 68898] Regression: View Source not showing closing script tags : [Attachment 108912] Patching XSSAuditor

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Sep 27 15:24:29 PDT 2011


Thomas Sepez <tsepez at chromium.org> has asked for review:
Bug 68898: Regression: View Source not showing closing script tags
https://bugs.webkit.org/show_bug.cgi?id=68898

Attachment 108912: Patching XSSAuditor
https://bugs.webkit.org/attachment.cgi?id=108912&action=review

------- Additional Comments from Thomas Sepez <tsepez at chromium.org>
Most prudent fix is to revert the truncation of the token in the HTMLTokenizer,
and beware of the trailing close script tag.  We now have
XSSAuditor::javaScriptForSnippet() which is well suited to doing this itself. 
My patch at the tokenizer level fails badly when document.write re-introduces
more text around the insertion point.  I'd like to get this resolved, and see
if we can't get proper tokenization later.  The patch to the XSSAuditor is
still relevant even in a world where the tokenizer appears correct as a second
line of defense.  The tests are still running locally; I'll flip commit-queue
back to ? when they pass, but it would be good to get comments now.

