Bug 40404 - Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc
Summary: Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::c...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Other OS X 10.5
: P2 Normal
Assignee: Adam Barth
URL:
Keywords:
Depends on:
Blocks: 39259
  Show dependency treegraph
 
Reported: 2010-06-09 23:48 PDT by Adam Barth
Modified: 2010-06-10 10:40 PDT (History)
3 users (show)

See Also:


Attachments
Patch (5.78 KB, patch)
2010-06-09 23:55 PDT, Adam Barth
eric: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Adam Barth 2010-06-09 23:48:52 PDT
Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc
Comment 1 Adam Barth 2010-06-09 23:55:41 PDT
Created attachment 58336 [details]
Patch
Comment 2 Eric Seidel (no email) 2010-06-09 23:58:20 PDT
Comment on attachment 58336 [details]
Patch

OK.  dbates should at least see this go by.
Comment 3 Ms2ger (he/him; ⌚ UTC+1/+2) 2010-06-10 02:28:39 PDT
>     // FIXME: We have no easy way to provide the XSSAuditor with the original
>     // un-processed attribute source, so for now we pass nullAtom.
>-    return m_XSSAuditor->canLoadExternalScriptFromSrc(nullAtom, srcValue);
>+    return m_XSSAuditor->canLoadExternalScriptFromSrc(srcValue);

Update the comment?
Comment 4 Adam Barth 2010-06-10 10:21:52 PDT
Good catch.  One sec.
Comment 5 Adam Barth 2010-06-10 10:40:12 PDT
Committed r60964: <http://trac.webkit.org/changeset/60964>