[Webkit-unassigned] [Bug 26199] Implement a reflective XSS filter

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jun 10 01:52:50 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=26199


abarth at webkit.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #31108|0                           |1
        is obsolete|                            |
  Attachment #31126|                            |review?
               Flag|                            |




------- Comment #8 from abarth at webkit.org  2009-06-10 01:52 PDT -------
Created an attachment (id=31126)
 --> (https://bugs.webkit.org/attachment.cgi?id=31126&action=view)
Cleaned up patch (disabled by default)

Here's a version cleaned up to (hopefully!) match WebKit style.  The XSSAuditor
is disabled by default.

Basically, I'd like to land this patch (and maybe some follow-ups) so we can
experiment with this feature behind a command line flag in Chromium and measure
things like false positives via the Dev channel.

Once we've gathered enough data, we can revisit the issue of whether to turn
this on by default.

