[Webkit-unassigned] [Bug 27895] [XSSAuditor] Inline Event Handler with single-line JavaScript comment can bypass XSSAuditor
bugzilla-daemon at webkit.org
Thu Oct 8 17:17:05 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=27895
--- Comment #18 from Daniel Bates <dbates at webkit.org> 2009-10-08 17:17:05 PDT ---
We should fix bugs #30241 and #30242 because this patch does not address the
following single-line JavaScript comment attack:
http://good.webblaze.org/dbates/xsstest.php?q=%3Ciframe%20src=%22javascript:%20//%250Aalert(/XSS/)%22%3E%3C/iframe%3E
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
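
The URL in the comment above carries a doubly percent-encoded newline (%250A) after the // comment marker. The following is an added example, not part of the original message or of WebKit's code, that decodes the q value layer by layer and reports at which layer the comment stops hiding the call. The function names are hypothetical, and it assumes that the server decodes the parameter once and that the javascript: URL is decoded once more before it runs.

```javascript
// Added example; helper names are hypothetical, sample is the q value quoted above.
// Decode one layer of %XX escapes (byte-wise, enough for this ASCII sample).
function decodeOnce(s) {
  return s.replace(/%([0-9a-fA-F]{2})/g, (_, h) => String.fromCharCode(parseInt(h, 16)));
}

// Decode repeatedly until the text stops changing, keeping every intermediate form.
function decodeLayers(s, maxRounds = 5) {
  const layers = [s];
  for (let i = 0; i < maxRounds; i++) {
    const next = decodeOnce(layers[layers.length - 1]);
    if (next === layers[layers.length - 1]) break;
    layers.push(next);
  }
  return layers;
}

const LINE_TERMINATOR = /[\n\r\u2028\u2029]/;

// True when a "//" comment in the script is ended by a line terminator
// and non-blank text follows it, i.e. the text after the comment is live code.
function commentIsTerminated(script) {
  const start = script.indexOf("//");
  if (start === -1) return false;
  const rest = script.slice(start + 2);
  const m = LINE_TERMINATOR.exec(rest);
  return m !== null && rest.slice(m.index + 1).trim().length > 0;
}

// For each layer, find src="javascript:..." and test whether the comment still hides the code.
// depth 0: value as sent; depth 1: after one decode (assumed server side);
// depth 2: after the javascript: URL itself is decoded (assumed browser side).
function analyze(rawParam) {
  return decodeLayers(rawParam).map((text, depth) => {
    const m = /src\s*=\s*"javascript:([^"]*)"/i.exec(text);
    return { depth, text, hidesCode: m !== null && commentIsTerminated(m[1]) };
  });
}

const sample = "%3Ciframe%20src=%22javascript:%20//%250Aalert(/XSS/)%22%3E%3C/iframe%3E";
for (const r of analyze(sample)) console.log(r.depth, r.hidesCode, JSON.stringify(r.text));
```

A check that inspects only the depth 1 form sees the call sitting inside a comment; comparing every layer, as analyze() does, shows the newline appearing at depth 2.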