[Webkit-unassigned] [Bug 27405] [XSSAuditor] URL encoded ampersand can be used to bypass XSSAuditor
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jul 17 23:20:25 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=27405
Adam Barth <abarth at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #3 from Adam Barth <abarth at webkit.org> 2009-07-17 23:20:25 PDT ---
Committing to http://svn.webkit.org/repository/webkit/trunk ...
M LayoutTests/ChangeLog
A
LayoutTests/http/tests/security/xssAuditor/javascript-link-ampersand-expected.txt
A
LayoutTests/http/tests/security/xssAuditor/javascript-link-ampersand.html
A
LayoutTests/http/tests/security/xssAuditor/link-onclick-ampersand-expected.txt
A LayoutTests/http/tests/security/xssAuditor/link-onclick-ampersand.html
M WebCore/ChangeLog
M WebCore/page/XSSAuditor.cpp
Committed r46086
M WebCore/ChangeLog
M WebCore/page/XSSAuditor.cpp
A
LayoutTests/http/tests/security/xssAuditor/link-onclick-ampersand-expected.txt
A LayoutTests/http/tests/security/xssAuditor/link-onclick-ampersand.html
A
LayoutTests/http/tests/security/xssAuditor/javascript-link-ampersand-expected.txt
A
LayoutTests/http/tests/security/xssAuditor/javascript-link-ampersand.html
M LayoutTests/ChangeLog
r46086 = 209a4aa2f77640ff10c4bb3e541c94cc9ee1a53d (trunk)
No changes between current HEAD and refs/remotes/trunk
Resetting to the latest refs/remotes/trunk
http://trac.webkit.org/changeset/46086
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list