161939 – [XSS Auditor] HTML5 entities can bypass XSS Auditor

RESOLVED FIXED 161939

[XSS Auditor] HTML5 entities can bypass XSS Auditor

https://bugs.webkit.org/show_bug.cgi?id=161939

Summary [XSS Auditor] HTML5 entities can bypass XSS Auditor

Daniel Bates

Reported 2016-09-13 18:20:22 PDT

Attachments
Patch and Layout Test (5.44 KB, patch) 2016-09-13 18:43 PDT, Daniel Bates	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Daniel Bates

Comment 1 2016-09-13 18:21:22 PDT

Daniel Bates

Comment 2 2016-09-13 18:43:49 PDT

Created attachment 288758 [details] Patch and Layout Test

David Kilzer (:ddkilzer)

Comment 3 2016-09-13 18:58:25 PDT

Comment on attachment 288758 [details] Patch and Layout Test r=me

Daniel Bates

Comment 4 2016-09-22 14:36:28 PDT

Comment on attachment 288758 [details] Patch and Layout Test Clearing flags on attachment: 288758 Committed r206277: <http://trac.webkit.org/changeset/206277>

Daniel Bates

Comment 5 2016-09-22 14:36:31 PDT

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Local Build

Hardware All

OS All

Product WebKit

Component WebCore Misc.

Assignee

Daniel Bates

Reported

2016-09-13 18:20 PDT

Modified

2016-09-22 14:36 PDT History

CC List

3 users Show

URL

Keywords BlinkMergeCandidate, InRadar

Depends on

161937

Blocks

Dependencies

tree graph