Bug 152872 - [XSS Auditor] Partial bypass when web server collapses path components
Summary: [XSS Auditor] Partial bypass when web server collapses path components
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Local Build
Hardware: All All
: P2 Normal
Assignee: Daniel Bates
URL:
Keywords: BlinkMergeCandidate, XSSAuditor
Depends on:
Blocks:
 
Reported: 2016-01-07 17:03 PST by Daniel Bates
Modified: 2016-01-19 22:51 PST (History)
2 users (show)

See Also:


Attachments
Patch (9.50 KB, patch)
2016-01-07 17:04 PST, Daniel Bates
bfulgham: review+
bfulgham: commit-queue-
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Bates 2016-01-07 17:03:07 PST
Blink Issue: <https://code.google.com/p/chromium/issues/detail?id=344146>
Comment 1 Daniel Bates 2016-01-07 17:04:27 PST
Created attachment 268510 [details]
Patch
Comment 2 Brent Fulgham 2016-01-13 13:00:50 PST
Comment on attachment 268510 [details]
Patch

r=me. Please land manually, as the patch does not seem to apply cleanly.
Comment 3 Daniel Bates 2016-01-14 13:38:05 PST
Committed r195073: <http://trac.webkit.org/changeset/195073>