[Webkit-unassigned] [Bug 30242] [XSSAuditor] IFrame JavaScript URLs that are URL-encoded twice can by bypass the XSSAuditor
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Oct 11 20:56:29 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=30242
Daniel Bates <dbates at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #41015| |review?
Flag| |
Attachment #41007|0 |1
is obsolete| |
--- Comment #5 from Daniel Bates <dbates at webkit.org> 2009-10-11 20:56:29 PDT ---
Created an attachment (id=41015)
--> (https://bugs.webkit.org/attachment.cgi?id=41015)
Patch with test cases
Here is an updated patch.
I agree the code is getting a bit messy with the booleans. Do you want me to
try to clean this up now? Otherwise, I would suggest we do a clean up patch
after we get this one and bug #27895 resolved.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list