[Webkit-unassigned] [Bug 12107] Security Regression: Plugins load remote javascript in embedded page's context

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Feb 7 03:53:42 PST 2007


------- Comment #13 from webkit-bugs at gentlyusedunderwear.com  2007-02-07 03:53 PDT -------
The problem isn't that webkit (or any browser) shows the dialog. The problem
(en masse) is the domain the browser says the dialog is from. Many, many Web
browsers have labeled the domain in which a dialog comes from after a flaw in
the way dialogs was shown was found across browsers.

Due to the labeling, showing a dialog is the easiest way to determine if a
browser is susceptible to the bug.

Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list