[Webkit-unassigned] [Bug 29278] XSSAuditor bypasses from sla.ckers.org
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Sep 16 14:25:00 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29278
--- Comment #5 from Adam Barth <abarth at webkit.org> 2009-09-16 14:25:00 PDT ---
Here are some more examples:
http://eaea.sirdarckcat.net/xss.php?html_xss=%3Cimg+src=%220%22+onerror=%22/%80/;alert(document.domain)%22%3E
http://eaea.sirdarckcat.net/xss.php?html_xss=%3Cimg+src='%80'+onerror=%27alert(document.domain)%27
The poster thinks these might be dups of
https://bugs.webkit.org/show_bug.cgi?id=29306. In any case, we might as well
add test cases for them.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list