RESOLVED FIXED Bug 40404
Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc 
https://bugs.webkit.org/show_bug.cgi?id=40404
Summary Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::c...
Adam Barth
Reported 2010-06-09 23:48:52 PDT
Use allowRequestIfNoIllegalURICharacters instead of context for XSSAuditor::canLoadExternalScriptFromSrc
Attachments
Patch (5.78 KB, patch)
2010-06-09 23:55 PDT, Adam Barth 		eric: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Adam Barth
Comment 1 2010-06-09 23:55:41 PDT
Created attachment 58336 [details] Patch
Eric Seidel (no email)
Comment 2 2010-06-09 23:58:20 PDT
Comment on attachment 58336 [details] Patch OK. dbates should at least see this go by.
Ms2ger (he/him; ⌚ UTC+1/+2)
Comment 3 2010-06-10 02:28:39 PDT
> // FIXME: We have no easy way to provide the XSSAuditor with the original > // un-processed attribute source, so for now we pass nullAtom. >- return m_XSSAuditor->canLoadExternalScriptFromSrc(nullAtom, srcValue); >+ return m_XSSAuditor->canLoadExternalScriptFromSrc(srcValue); Update the comment?
Adam Barth
Comment 4 2010-06-10 10:21:52 PDT
Good catch. One sec.
Adam Barth
Comment 5 2010-06-10 10:40:12 PDT
Committed r60964: <http://trac.webkit.org/changeset/60964>
Note You need to log in before you can comment on or make changes to this bug.