[Webkit-unassigned] [Bug 66588] XSS filter bypass via non-standard URL encoding

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Sep 1 22:43:08 PDT 2011


--- Comment #2 from Adam Barth <abarth at webkit.org>  2011-09-01 22:43:09 PST ---
(From update of attachment 106094)
View in context: https://bugs.webkit.org/attachment.cgi?id=106094&action=review

> Source/WebCore/html/parser/XSSAuditor.cpp:119
> +static inline String decodeFancyUnicodeEscapeSequences(const String& string)

Love the name.

> Source/WebCore/platform/text/DecodeEscapeSequences.h:38
> +static inline int hexDigitValue(UChar c)

Supposedly including static functions in a header makes the linker sad.  I think this function is in ASCIIType anyway.

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list