[Webkit-unassigned] [Bug 26825] innerHTML applies meta/link/title tags before getting commited.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jun 29 20:14:42 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=26825
abarth at webkit.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |abarth at webkit.org
Status|UNCONFIRMED |NEW
Component|WebCore Misc. |Security
Ever Confirmed|0 |1
Product|WebKit |Security
Platform|PC |All
Version|528+ (Nightly build) |525.x (Nightly build)
------- Comment #3 from abarth at webkit.org 2009-06-29 20:14 PDT -------
http://code.google.com/p/chromium/issues/detail?id=15556
Firefox doesn't seem to let you run JavaScript this way. Could be a problem
for sites with poorly written XSS filters. Moving to security component.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list