[Webkit-unassigned] [Bug 27895] [XSSAuditor] Inline Event Handler with single-line JavaScript quote can bypass XSSAuditor
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jul 31 14:03:12 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=27895
--- Comment #1 from Daniel Bates <dbates at berkeley.edu> 2009-07-31 14:03:11 PDT ---
Created an attachment (id=33902)
--> (https://bugs.webkit.org/attachment.cgi?id=33902)
Proposed path and test
This is a proposed implementation. If we go with it, we may want to split this
into two separate bugs, one for the addition of the
MappedAttributeWithRawCharacters class and one for the XSSAuditor fix.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list