[Webkit-unassigned] [Bug 66585] XSS filter bypass via document.write(location.href) and fragments
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 24 14:19:06 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=66585
--- Comment #3 from Daniel Bates <dbates at webkit.org> 2011-08-24 14:19:06 PST ---
(In reply to comment #2)
> I also can't reproduce. Maybe we should add a test a test and close this issue?
Actually, we already have a test case that covers this issue:
<http://trac.webkit.org/browser/trunk/LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location.html>.
> I tried this variation as well:
>
> http://security.onofri.org/xss_location.html?#<script>alert('XS%41S');</script>
I'll add a test for this variation.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list