[Webkit-unassigned] [Bug 17689] Reject long UTF sequences
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 24 15:08:30 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=17689
help.improve.webkit at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P2 |P3
------- Comment #3 from help.improve.webkit at gmail.com 2008-03-24 15:08 PDT -------
Looks like the only remaining worrisome case is multibyte HTML entities. These
could be used to bypass filters that differentiate between absolute and
relative URLs, and apply restrictions based on this distinction:
<a href="javascriptΪlert(1)">Long HTML entity notation might be used
to bypass some URL filters</a>
This is not strictly a browser bug, but it has no legitimate uses, and is a
common XSS vector against applications, so locking it down is certainly
beneficial.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list