Comparing $cgi->param('nonce') to a string without checking if it's provided at all.
Created attachment 208550 [details] proposed fix
Comment on attachment 208550 [details] proposed fix Clearing flags on attachment: 208550 Committed r153953: <http://trac.webkit.org/changeset/153953>
All reviewed patches have been landed. Closing bug.