[Webkit-unassigned] [Bug 16073] xss possible because of a bug in Document::setDomain

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 20 16:59:42 PST 2007


------- Comment #4 from ian.eng.webkit at gmail.com  2007-11-20 16:59 PDT -------
(In reply to comment #3)
> (From update of attachment 17421 [edit])
> Assuming you tested the test case before and after the change, r=me.


> It's not that important, but Document::setDomain is also in need of a little
> love to get rid of those nasty nested ifs.  Early return for the win.

Can we get rid of Document::m_domain and use m_securityOrigin.host() instead?
Looks like it is not much useful.

Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list