[Webkit-unassigned] [Bug 178060] New: Sanitize URL in pasteboard for other applications and cross origin content

Sat Oct 7 20:41:13 PDT 2017

https://bugs.webkit.org/show_bug.cgi?id=178060

            Bug ID: 178060
           Summary: Sanitize URL in pasteboard for other applications and
                    cross origin content
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: HTML Editing
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rniwa at webkit.org
                CC: wenson_hsieh at apple.com

When putting URL into pasteboard, we should sanitize it for non-web contents and cross origin websites.
Otherwise, we run the risk of letting web contents expositing vulnerabilities in URL parsers in other applications.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171008/004bd6bc/attachment.html>