[Webkit-unassigned] [Bug 29306] New: [XSSAuditor] Scripts with accented characters can bypass the XSSAuditor
bugzilla-daemon at webkit.org
Wed Sep 16 12:27:18 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29306
Summary: [XSSAuditor] Scripts with accented characters can bypass the XSSAuditor
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
URL: http://eaea.sirdarckcat.net/xss.php?html_xss=<img%20src=ä%20onerror=alert('ä')>
OS/Version: All
Status: NEW
Keywords: XSSAuditor
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: dbates at webkit.org
CC: mario.heiderich at gmail.com, sam at webkit.org, abarth at webkit.org
Blocks: 29278
XSSAuditor::decodeURL used the wrong length for the input string. When the
input string was decoded, the decoded result was truncated. Hence, XSSAuditor
was comparing the source code of the script to the truncated input parameters.
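The length mismatch described in the report, as an added C++ example that is not WebKit's code and not part of the original message. It assumes the wrong length was a character count applied to the UTF-8 byte buffer, so each accented character drops one byte from the decoded tail; `decodeParameter`, `auditorFlags` and `LengthSource` are hypothetical names, and the sample parameter is constructed from the report's URL field.

```cpp
#include <algorithm>
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>

// Constructed sample: html_xss value from the report's URL field, as UTF-8 bytes.
const std::string kParam = "<img%20src=\xC3\xA4%20onerror=alert('\xC3\xA4')>";
const std::string kScript = "alert('\xC3\xA4')";  // script source the auditor looks for
enum class LengthSource { Characters, Bytes };    // hypothetical names

// Number of code points in a UTF-8 string (skips 10xxxxxx continuation bytes).
std::size_t codePointCount(const std::string& utf8) {
    std::size_t n = 0;
    for (unsigned char c : utf8)
        if ((c & 0xC0) != 0x80) ++n;
    return n;
}

int hexValue(unsigned char c) { return std::isdigit(c) ? c - '0' : std::tolower(c) - 'a' + 10; }

// Percent-decode only the first `length` bytes of the UTF-8 buffer.
std::string percentDecode(const std::string& utf8, std::size_t length) {
    const std::size_t limit = std::min(length, utf8.size());
    std::string out;
    for (std::size_t i = 0; i < limit; ++i) {
        unsigned char c = utf8[i];
        if (c == '%' && i + 2 < limit && std::isxdigit((unsigned char)utf8[i + 1]) &&
            std::isxdigit((unsigned char)utf8[i + 2])) {
            c = static_cast<unsigned char>(hexValue(utf8[i + 1]) * 16 + hexValue(utf8[i + 2]));
            i += 2;
        }
        out.push_back(static_cast<char>(c));
    }
    return out;
}

// Assumed defect: length taken in characters. Corrected form: length taken in bytes.
std::string decodeParameter(const std::string& utf8, LengthSource source) {
    return percentDecode(utf8, source == LengthSource::Characters ? codePointCount(utf8) : utf8.size());
}

// Simplified auditor check: flag the script if its source occurs in the decoded parameter.
bool auditorFlags(const std::string& script, const std::string& param, LengthSource source) {
    return decodeParameter(param, source).find(script) != std::string::npos;
}

int main() {
    std::cout << auditorFlags(kScript, kParam, LengthSource::Characters) << ' ' << auditorFlags(kScript, kParam, LengthSource::Bytes) << '\n';
}
```

A regression test for this class of bug should include parameters with multi-byte characters, because an ASCII-only input has equal character and byte counts and hides the truncation.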