Summary: | XSSAuditor doesn't need a copy of the original document URL. | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Mike West <mkwst> | ||||
Component: | New Bugs | Assignee: | Mike West <mkwst> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | abarth, dbates, esprehn+autocc, ojan.autocc, tsepez, webkit.review.bot | ||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Bug Depends on: | |||||||
Bug Blocks: | 110733 | ||||||
Attachments: |
|
Description
Mike West
2013-03-10 11:47:18 PDT
Created attachment 192382 [details]
Patch
As Adam noted in https://bugs.webkit.org/show_bug.cgi?id=110733#c36, there doesn't seem to be any good reason to retain a copy of this string. Comment on attachment 192382 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=192382&action=review > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody); Is the same true of the request body? (In reply to comment #3) > (From update of attachment 192382 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=192382&action=review > > > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody); > > Is the same true of the request body? Looks like it might be; I don't think there's any circumstance in which the document's loader would change, or the loader's originalRequest. I'll put together another patch and see what happens if I just remove that property as well. Comment on attachment 192382 [details] Patch Clearing flags on attachment: 192382 Committed r145331: <http://trac.webkit.org/changeset/145331> All reviewed patches have been landed. Closing bug. |