46145 – XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin

NEW 46145

XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin

https://bugs.webkit.org/show_bug.cgi?id=46145

Summary XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if eith...

Jian Li

Reported 2010-09-20 17:38:57 PDT

XMLHttpRequest: open() does not throw an INVALID_ACCESS_ERR exception if either user or password is passed as argument and the origin of url does not match the XMLHttpRequest origin Test: http://tc.labs.opera.com/apis/XMLHttpRequest/open-user-password-non-same-origin.htm

Attachments
Add attachment proposed patch, testcase, etc.

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS All

Product WebKit

Component XML

Assignee

Nobody

Reported

2010-09-20 17:38 PDT

Modified

2010-09-21 09:53 PDT History

CC List

5 users Show

URL

Keywords

Depends on

Blocks