Bug 13579
| Summary: | window.location.assign(url) ignores "javascript:" type addresses | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Feng Qian <ian.eng.webkit> |
| Component: | WebCore JavaScript | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | Normal | CC: | fishd |
| Priority: | P2 | ||
| Version: | 523.x (Safari 3) | ||
| Hardware: | Mac | ||
| OS: | OS X 10.4 | ||
Feng Qian
window.location = "javascript:alert('hello world');"; displays the alert window.
window.location.assign("javascript:alert('hello world')") does not.
It looks like a systematical pattern in kjs_window.cpp that ignores requested urls that start with 'javascript:'.
Other browsers support window.location.assign('javascript:...');
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Mark Rowe (bdash)
This works for me in the latest nightly build.
<script type="text/javascript">
window.location.assign('javascript:alert("Hi")');
</script>
Feng Qian
After re-thinking, it might have its purpose. This can restrict some type of XSS attack.
Feng Qian
Updated my tree, and it works fine.
(In reply to comment #1)
> This works for me in the latest nightly build.
>
> <script type="text/javascript">
> window.location.assign('javascript:alert("Hi")');
> </script>
>