[Webkit-unassigned] [Bug 27239] Do not do HTTP Refresh to javascript: or other dangerous URI schemes

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Oct 23 14:05:11 PDT 2009


--- Comment #23 from Chris Evans <scarybeasts at gmail.com>  2009-10-23 14:05:10 PDT ---
I agree it has no particular security consequence.
Regrettably, it was incorrectly reported in a media story as a noteworthy
vulnerability. A few lower-tier security professionals have also misunderstood
I'll pull the fix into Chromium when it is landed, just to keep everyone

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list