[Webkit-unassigned] [Bug 10313] xsl:import and document() don't work in stylesheets loaded via XMLHttpRequest
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jun 24 11:33:41 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=10313
--- Comment #52 from Adam Barth <abarth at webkit.org> 2010-06-24 11:33:40 PST ---
I'm concerned that this patch would make
DOMParser.parseFromString("... untrusted data ...", "application/xml")
an XSS vulnerability. I don't think that's right. Do these tests pass in other browsers?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list