[Webkit-unassigned] [Bug 46145] New: XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Sep 20 17:38:57 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=46145
Summary: XMLHttpRequest: open() does not throw an
INVALID_ACCESS_ERR exception if either user or
password is passed as argument and the origin of url
does not match the XMLHttpRequest origin
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore JavaScript
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: jianli at chromium.org
CC: ap at webkit.org, fishd at chromium.org,
dimich at chromium.org, levin at chromium.org,
jianli at chromium.org
XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin
Test: http://tc.labs.opera.com/apis/XMLHttpRequest/open-user-password-non-same-origin.htm
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list