[Webkit-unassigned] [Bug 66585] XSS filter bypass via document.write(location.href) and fragments
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 24 13:51:32 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=66585
--- Comment #2 from Adam Barth <abarth at webkit.org> 2011-08-24 13:51:32 PST ---
I also can't reproduce. Maybe we should add a test a test and close this issue? I tried this variation as well:
http://security.onofri.org/xss_location.html?#<script>alert('XS%41S');</script>
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list