[Webkit-unassigned] [Bug 27239] Do not do HTTP Refresh to javascript: or other dangerous URI schemes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 23 14:05:11 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=27239
--- Comment #23 from Chris Evans <scarybeasts at gmail.com> 2009-10-23 14:05:10 PDT ---
I agree it has no particular security consequence.
Regrettably, it was incorrectly reported in a media story as a noteworthy
vulnerability. A few lower-tier security professionals have also misunderstood
this.
I'll pull the fix into Chromium when it is landed, just to keep everyone
placated.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list