Bug 31595
| Summary: | Missing regression test for security issue | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Richard Moore <rich> |
| Component: | XML | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | Enhancement | CC: | kenneth |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | http://exploits.offensive-security.com/record.php?id=9462 | ||
Richard Moore
The security issue in the referenced URL has been addressed, but there doesn't seem to be a regression test to prevent it being reintroduced. The test could be added to the layout test suite as they have the required tools.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Mark Rowe (bdash)
<http://trac.webkit.org/browser/trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-external-entity.xml>