Bug 93416

Summary: XSS blocker false positive when page contains <iframe src="">
Product: WebKit Reporter: Matthew Dempsky <mdempsky>
Component: WebKit Misc. Assignee: Thomas Sepez <tsepez>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, dbates, tsepez, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Test cases none
Patch none

Matthew Dempsky
Reported 2012-08-07 17:42:43 PDT
Chrome 21.0.1180.57 beta has false positives for URLs containing %3Ciframe%20src=%22 as a query parameter.
Attachments
Test cases (3.57 KB, patch)
2012-08-15 15:53 PDT, Thomas Sepez
no flags
Patch (6.44 KB, patch)
2012-11-01 14:39 PDT, Thomas Sepez
no flags
Thomas Sepez
Comment 1 2012-08-09 09:49:23 PDT
... and for which the page naturally contains an <iframe ... src="">
Thomas Sepez
Comment 2 2012-08-15 15:53:54 PDT
Created attachment 158652
Test cases
Thomas Sepez
Comment 3 2012-11-01 14:39:19 PDT
Created attachment 171933
Patch
Might as well take care of this one while I'm active in the XSSAuditor.
Adam Barth
Comment 4 2012-11-01 14:52:32 PDT
Comment on attachment 171933
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=171933&action=review
> LayoutTests/http/tests/security/xssAuditor/iframe-injection-allowed.html:7
> + testRunner.dumpAsText();
> + testRunner.setXSSAuditorEnabled(true);
nit: four-space indent.
WebKit Review Bot
Comment 5 2012-11-01 18:22:37 PDT
Comment on attachment 171933
Patch
Clearing flags on attachment: 171933
Committed r133249: <http://trac.webkit.org/changeset/133249>
WebKit Review Bot
Comment 6 2012-11-01 18:22:41 PDT
All reviewed patches have been landed. Closing bug.