Bug 40404

Summary: Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc
Product: WebKit Reporter: Adam Barth <abarth>
Component: New BugsAssignee: Adam Barth <abarth>
Status: RESOLVED FIXED    
Severity: Normal CC: dbates, eric, Ms2ger
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Other   
OS: OS X 10.5   
Bug Depends on:    
Bug Blocks: 39259    
Attachments:
Description Flags
Patch eric: review+

Description Adam Barth 2010-06-09 23:48:52 PDT 
Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc
Comment 1 Adam Barth 2010-06-09 23:55:41 PDT 
Created attachment 58336 [details]
Patch
Comment 2 Eric Seidel (no email) 2010-06-09 23:58:20 PDT 
Comment on attachment 58336 [details]
Patch

OK.  dbates should at least see this go by.
Comment 3 Ms2ger (he/him; ⌚ UTC+1/+2) 2010-06-10 02:28:39 PDT 
>     // FIXME: We have no easy way to provide the XSSAuditor with the original
>     // un-processed attribute source, so for now we pass nullAtom.
>-    return m_XSSAuditor->canLoadExternalScriptFromSrc(nullAtom, srcValue);
>+    return m_XSSAuditor->canLoadExternalScriptFromSrc(srcValue);

Update the comment?
Comment 4 Adam Barth 2010-06-10 10:21:52 PDT 
Good catch.  One sec.
Comment 5 Adam Barth 2010-06-10 10:40:12 PDT 
Committed r60964: <http://trac.webkit.org/changeset/60964>