Bug 152872

Summary: [XSS Auditor] Partial bypass when web server collapses path components
Product: WebKit Reporter: Daniel Bates <dbates>
Component: WebCore Misc.Assignee: Daniel Bates <dbates>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, ryanhaddad
Priority: P2 Keywords: BlinkMergeCandidate, XSSAuditor
Version: WebKit Local Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=153250
Attachments:
Description Flags
Patch bfulgham: review+, bfulgham: commit-queue-

Description Daniel Bates 2016-01-07 17:03:07 PST
Blink Issue: <https://code.google.com/p/chromium/issues/detail?id=344146>
Comment 1 Daniel Bates 2016-01-07 17:04:27 PST
Created attachment 268510 [details]
Patch
Comment 2 Brent Fulgham 2016-01-13 13:00:50 PST
Comment on attachment 268510 [details]
Patch

r=me. Please land manually, as the patch does not seem to apply cleanly.
Comment 3 Daniel Bates 2016-01-14 13:38:05 PST
Committed r195073: <http://trac.webkit.org/changeset/195073>