[Webkit-unassigned] [Bug 57035] Web Inspector: render XHRs matching JSON regex as JSON.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Mar 24 11:01:57 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=57035
--- Comment #4 from Pavel Feldman <pfeldman at chromium.org> 2011-03-24 11:01:57 PST ---
> I vaguely recall that it's not uncommon to use a sequence of all kinds of brackets instead of while(1) to prevent XSS in this case. I don't remember details though and in particular whether the brackets should be opening or closing ones, you may want to double check.
I did check, they prepend closing brackets.
> > Source/WebCore/inspector/front-end/ResourceJSONView.js:42
> > + if (start && start.index)
>
> Can it be a valid JSON string if it doesn't contain no { nor [ ?
Sure, it can be a string or a number.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list