[Webkit-unassigned] [Bug 26918] XSSAuditor should prevent injection of HTML Base tag
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 1 23:01:40 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=26918
abarth at webkit.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Ever Confirmed|0 |1
------- Comment #1 from abarth at webkit.org 2009-07-01 23:01 PDT -------
Good catch Dan. We should probably handle this similarly to the <script> tag
by checking the unparsed URL against the request.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list