[Webkit-unassigned] [Bug 57035] Web Inspector: render XHRs matching JSON regex as JSON.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Mar 24 10:59:34 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=57035
Yury Semikhatsky <yurys at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #86798|review? |review+
Flag| |
--- Comment #3 from Yury Semikhatsky <yurys at chromium.org> 2011-03-24 10:59:34 PST ---
(From update of attachment 86798)
View in context: https://bugs.webkit.org/attachment.cgi?id=86798&action=review
> Source/WebCore/inspector/front-end/RemoteObject.js:219
> + buffer += ", ";
Why not use Array.join instead?
> Source/WebCore/inspector/front-end/ResourceJSONView.js:41
> + var start = /[{[]/.exec(text);
I vaguely recall that it's not uncommon to use a sequence of all kinds of brackets instead of while(1) to prevent XSS in this case. I don't remember details though and in particular whether the brackets should be opening or closing ones, you may want to double check.
> Source/WebCore/inspector/front-end/ResourceJSONView.js:42
> + if (start && start.index)
Can it be a valid JSON string if it doesn't contain no { nor [ ?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list