WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
111944
XSSAuditor doesn't need a copy of the original document URL.
https://bugs.webkit.org/show_bug.cgi?id=111944
Summary
XSSAuditor doesn't need a copy of the original document URL.
Mike West
Reported
2013-03-10 11:47:18 PDT
XSSAuditor doesn't need a copy of the original document URL.
Attachments
Patch
(6.50 KB, patch)
2013-03-10 11:57 PDT
,
Mike West
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Mike West
Comment 1
2013-03-10 11:57:30 PDT
Created
attachment 192382
[details]
Patch
Mike West
Comment 2
2013-03-10 11:59:34 PDT
As Adam noted in
https://bugs.webkit.org/show_bug.cgi?id=110733#c36
, there doesn't seem to be any good reason to retain a copy of this string.
Adam Barth
Comment 3
2013-03-10 12:45:18 PDT
Comment on
attachment 192382
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=192382&action=review
> Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody);
Is the same true of the request body?
Mike West
Comment 4
2013-03-10 12:51:53 PDT
(In reply to
comment #3
)
> (From update of
attachment 192382
[details]
) > View in context:
https://bugs.webkit.org/attachment.cgi?id=192382&action=review
> > > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:76 > > reportDetails->setString("request-body", xssInfo.m_originalHTTPBody); > > Is the same true of the request body?
Looks like it might be; I don't think there's any circumstance in which the document's loader would change, or the loader's originalRequest. I'll put together another patch and see what happens if I just remove that property as well.
WebKit Review Bot
Comment 5
2013-03-10 12:59:18 PDT
Comment on
attachment 192382
[details]
Patch Clearing flags on attachment: 192382 Committed
r145331
: <
http://trac.webkit.org/changeset/145331
>
WebKit Review Bot
Comment 6
2013-03-10 12:59:21 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug