66579 2011-08-19 13:26:50 -0700 [meta] XSSAuditor should have fewer false negatives 2021-09-21 14:08:38 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) All All RESOLVED WONTFIX XSSAuditor P2 Normal --- 27895 29278 66580 66585 66588 66850 67091 67134 68094 68281 70255 1 abarth webkit-unassigned bfulgham dbates oldest_to_newest 454023 0 abarth 2011-08-19 13:26:50 -0700 Currently the XSSAuditor has very few false positives, but it does have a number of false negatives. False negatives a problematic because they let attackers bypass the filter, negating some of its security benefits. False positives fall into two categories: 1) Tricky injections into in-scope injection contexts. 2) Injections into out-of-scope injection contexts. Whether an injection context is in-scope is somewhat of an arbitrary distinction, but we should aim to tackle all the tricky injection vectors for the in-scope injection contexts before we expand to consider more contexts in-scope. This approach puts us on a path to eliminating all the attack vectors for a given set of vulnerabilities rather than catching some, but not all, the attack vectors for a large number of vulnerabilities. Let's use this bug as a meta bug for Type 1 vulnerabilities (which will appear as blocking this bug). 1795757 1 bfulgham 2021-09-21 14:08:38 -0700 The XSS Auditor is removed in Bug 230499.