[Webkit-unassigned] [Bug 29837] New: Write more XSSAuditor tests
bugzilla-daemon at webkit.org
Mon Sep 28 22:14:39 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29837
Summary: Write more XSSAuditor tests
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: dbates at webkit.org
CC: sam at webkit.org, abarth at webkit.org
Depends on: 26776

Additional test cases adapted from http://webblaze.org/dbates/. In particular,

Embed Tag JavaScript URL:
http://good.webblaze.org/dbates/xsstest.php?q=%3Cembed%20src=%22javascript:alert%28document.domain%29%22%3E%3C/embed%3E
Object Tag JavaScript URL:
http://good.webblaze.org/dbates/xsstest.php?q=%3Cobject%20data=%22javascript:alert%28document.domain%29%22%3E%3C/object%3E
HTTP-Equiv Refresh JavaScript URL:
http://good.webblaze.org/dbates/xsstest-head.php?q=%3Cmeta+http-equiv%3D%22refresh%22+content%3D%220%3B+url%3Djavascript%3Aalert%28document.domain%29%22%3E
Break out of inside property without quotes:
http://good.webblaze.org/dbates/xsstest-property-noquotes.php?q=1%20onload=alert(/XSS/)
Break out of inside property without quotes using ASCII Tab and / characters:
http://good.webblaze.org/dbates/xsstest-property-noquotes.php?q=dummy%09/onload=alert%28/XSS/%29&dummy=dummy
Injection of property:
http://good.webblaze.org/dbates/xsstest-add-property.php?q=onload=alert%28/XSS/%29&dummy=dummy
+++ This bug was initially created as a clone of Bug #26776 +++