[Webkit-unassigned] [Bug 45377] Errors in LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Sep 8 03:50:45 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=45377
--- Comment #4 from Sergio Villar Senin <svillar at igalia.com> 2010-09-08 03:50:45 PST ---
(In reply to comment #3)
> (From update of attachment 66866 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=66866&action=prettypatch
>
> Please add more detail to the ChangeLog before landing.
>
> > LayoutTests/ChangeLog:7
> > + Errors in LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
> > + https://bugs.webkit.org/show_bug.cgi?id=45377
> > +
> It would be better if your ChangeLog explains what problem this patch solves. "Errors" is a pretty general problem. You explained it to me over IRC, but someone reading this ChangeLog will be pretty mystified.
Ok I agree. will add more detail
>
> > LayoutTests/http/tests/security/resources/send-mime-types.php:2
> > - $mime_type = urldecode($_GET["mt"]);
> > + $mime_type = $_GET["mt"];
> Yeah, the old code is pretty confused, huh?
Yep :-)
> > LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html:19
> > - ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + escape(mime_types[i]);
> > + ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + encodeURIComponent(mime_types[i]);
> Did this change actually make a difference? It seems like the other change is probably the operative one.
Yes it's also a must. Without it the PHP will get a '+' character anyway and then transform it into a blank space when parsing the URL.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list