[Webkit-unassigned] [Bug 27071] [XSSAuditor] HTTP parameters with null/control characters bypass XSSAuditor

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jul 8 14:27:25 PDT 2009 

https://bugs.webkit.org/show_bug.cgi?id=27071


Adam Barth <abarth at webkit.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




--- Comment #9 from Adam Barth <abarth at webkit.org>  2009-07-08 14:27:24 PDT ---
Sending        LayoutTests/ChangeLog
Adding        
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-null-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/embed-tag-control-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/embed-tag-control-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/embed-tag-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/embed-tag-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/embed-tag-null-char.html
Adding         LayoutTests/http/tests/security/xssAuditor/embed-tag.html
Adding        
LayoutTests/http/tests/security/xssAuditor/link-onclick-control-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/link-onclick-control-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/link-onclick-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/link-onclick-null-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-control-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-null-char.html
Adding         LayoutTests/http/tests/security/xssAuditor/object-embed-tag.html
Adding        
LayoutTests/http/tests/security/xssAuditor/object-tag-expected.txt
Adding         LayoutTests/http/tests/security/xssAuditor/object-tag.html
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-post-control-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-post-control-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-post-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-post-null-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-control-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-control-char.html
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-null-char-expected.txt
Adding        
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-null-char.html
Sending        WebCore/ChangeLog
Sending        WebCore/page/XSSAuditor.cpp
Sending        WebCore/page/XSSAuditor.h
Transmitting file data ................................
Committed revision 45639.
http://trac.webkit.org/changeset/45639

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list