[Webkit-unassigned] [Bug 66579] New: [meta] XSSAuditor should have fewer false negatives
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Aug 19 13:26:50 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=66579
Summary: [meta] XSSAuditor should have fewer false negatives
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Keywords: XSSAuditor
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: abarth at webkit.org
CC: dbates at webkit.org
Currently the XSSAuditor has very few false positives, but it does have a number of false negatives. False negatives a problematic because they let attackers bypass the filter, negating some of its security benefits. False positives fall into two categories:
1) Tricky injections into in-scope injection contexts.
2) Injections into out-of-scope injection contexts.
Whether an injection context is in-scope is somewhat of an arbitrary distinction, but we should aim to tackle all the tricky injection vectors for the in-scope injection contexts before we expand to consider more contexts in-scope. This approach puts us on a path to eliminating all the attack vectors for a given set of vulnerabilities rather than catching some, but not all, the attack vectors for a large number of vulnerabilities.
Let's use this bug as a meta bug for Type 1 vulnerabilities (which will appear as blocking this bug).
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list