[Webkit-unassigned] [Bug 29523] [XSSAuditor] JavaScript URLs that are URL-encoded twice can by bypass the XSSAuditor
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Sep 19 16:15:07 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29523
--- Comment #3 from Daniel Bates <dbates at webkit.org> 2009-09-19 16:15:07 PDT ---
(In reply to comment #2)
> (From update of attachment 39824 [details])
> + m_frame->script()->isEnabled() && !m_frame->script()->isPaused()
>
> Why did we add these conditions that weren't there before?
This is an optimization.
I added these so that we can avoid calling the XSSAuditor when scripts aren't
enabled or paused. Notice, these cases are checked in
FrameLoader::executeScript and at present (i.e. without this patch) the
XSSAuditor is only called after these cases are checked.
Because we now call the XSSAuditor in FrameLoader::executeIfJavaScriptURL, in
particular before calling executeScript, we can save some processing
time/function call, by only calling the XSSAuditor when scripts are enabled and
not paused.
> Can we remove any of the other instances of canEvaluateJavaScriptURL?
Yes, I can clean up ScriptSourceController
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list