Bug 46145
| Summary: | XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Jian Li <jianli> |
| Component: | XML | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | ap, dimich, fishd, jianli, levin |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | PC | ||
| OS: | All | ||
Jian Li
XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin
Test: http://tc.labs.opera.com/apis/XMLHttpRequest/open-user-password-non-same-origin.htm
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |