Changeset 52532 in webkit
- Timestamp: Dec 23, 2009 3:22:34 PM (14 years ago)
- Location: trunk
- Files: 4 edited
trunk/LayoutTests/ChangeLog
r52527 r52532 1 2009-12-23 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 "Refused to execute a JavaScript script" error when embedding SWF with 6 a URL that is also a query parameter 7 https://bugs.webkit.org/show_bug.cgi?id=32908 8 9 Update expected results to show that we don't raise an alarm in this case. 10 11 * http/tests/security/xssAuditor/object-src-inject-expected.txt: 12 1 13 2009-12-23 Dan Bernstein <mitz@apple.com> 2 14 -
trunk/LayoutTests/http/tests/security/xssAuditor/object-src-inject-expected.txt
r51445 r52532 1 CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf".2 1 3 -
trunk/WebCore/ChangeLog
r52530 r52532 1 2009-12-23 Adam Barth <abarth@webkit.org> 2 3 Reviewed by Eric Seidel. 4 5 "Refused to execute a JavaScript script" error when embedding SWF with 6 a URL that is also a query parameter 7 https://bugs.webkit.org/show_bug.cgi?id=32908 8 9 Don't block direct injections into the object src attribute unless 10 there's an illegal character (like < or ") in the URL. This change 11 lets some very unusual vulnerabilities through the filter but removes a 12 false positive that we've seen several times. 13 14 * page/XSSAuditor.cpp: 15 (WebCore::XSSAuditor::canLoadObject): 16 1 17 2009-12-23 Dumitru Daniliuc <dumi@chromium.org> 2 18 -
trunk/WebCore/page/XSSAuditor.cpp
r51445 r52532 164 164 return true; 165 165 166 if (findInRequest(url )) {166 if (findInRequest(url, true, true)) { 167 167 String consoleMessage = String::format("Refused to load an object. URL found within request: \"%s\".\n", url.utf8().data()); 168 168 m_frame->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, consoleMessage, 1, String());
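Review bot: The changed call in `XSSAuditor::canLoadObject`, `findInRequest(url, true, true)`, passes two unnamed boolean literals, and nothing in the hunk says which flag makes the match require an illegal character such as `<` or `"` in the URL (the behaviour the WebCore ChangeLog entry describes). Either add a one-line comment at the call site or bind the arguments to named local `const bool` values so a reader can tell what each flag does without opening the declaration. The console message on the following line, `Refused to load an object. URL found within request:`, is unchanged and still describes the cases that remain blocked, so no change is needed there.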
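Review bot: The only test-side change is the removal of the `CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: ...` line from object-src-inject-expected.txt, so after this change the suite only checks the case that is now allowed through. Since the WebCore ChangeLog states the relaxed check "lets some very unusual vulnerabilities through the filter", a companion layout test under http/tests/security/xssAuditor/ whose injected object src contains an illegal character (`<` or `"`) and is still expected to produce the refusal message would pin down the new boundary and catch any later loosening of the check.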