[Webkit-unassigned] [Bug 14692] Cross frame scripting allowed by Webkit in layout test
bugzilla-daemon at webkit.org
Thu Aug 9 06:51:26 PDT 2007
http://bugs.webkit.org/show_bug.cgi?id=14692
------- Comment #3 from ddkilzer at webkit.org 2007-08-09 06:51 PDT -------
(In reply to comment #2)
> Created an attachment (id=15854)
--> (http://bugs.webkit.org/attachment.cgi?id=15854&action=view)
> XSS Cookie demo
>
> Please find an example of HTML to read cookie of google.com. This HTML can be
> on any domain.

Using this demo, I get three errors (as expected?) using both Safari 2.0.4
(419.3) and Safari 3 Public Beta v. 3.0.3 (522.12.1) on Mac OS X 10.4.10
(8R218):

Unsafe JavaScript attempt to access frame with URL
http://bugs.webkit.org/attachment.cgi?id=15854&action=view from frame with URL
http://www.yahoo.com/. Domains must match.

Unsafe JavaScript attempt to access frame with URL http://www.yahoo.com/ from
frame with URL http://bugs.webkit.org/attachment.cgi?id=15854&action=view.
Domains must match.

[6346] http://bugs.webkit.org/attachment.cgi?id=15854&action=view:TypeError -
Undefined value

Unsafe JavaScript attempt to access frame with URL
http://bugs.webkit.org/attachment.cgi?id=15854&action=view from frame with URL
http://www.yahoo.com/. Domains must match.

I get the same errors when the xss_cookie.html file is saved locally and
opened.