54591 – Fix xssAuditor/iframe-injection.html

Bug 54591 - Fix xssAuditor/iframe-injection.html

Summary: Fix xssAuditor/iframe-injection.html

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	New Bugs (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Other OS X 10.5

Importance:	P2 Normal
Assignee:	Adam Barth

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-02-16 14:56 PST by Adam Barth
Modified:	2011-02-19 00:12 PST (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (3.81 KB, patch) 2011-02-16 14:57 PST, Adam Barth	no flags	Details \| Formatted Diff \| Diff
Patch for landing (3.47 KB, patch) 2011-02-18 15:46 PST, Adam Barth	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Adam Barth 2011-02-16 14:56:48 PST

Fix xssAuditor/iframe-injection.html

Comment 1 Adam Barth 2011-02-16 14:57:54 PST

Created attachment 82705 [details]
Patch

Comment 2 Daniel Bates 2011-02-16 15:02:48 PST

Comment on attachment 82705 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=82705&action=review

> Source/WebCore/ChangeLog:8
> +        We should block form actions.  Although this technically can't be used

You mean "block the iframe src attribute".

Comment 3 Adam Barth 2011-02-18 15:46:04 PST

Created attachment 83030 [details]
Patch for landing

Comment 4 WebKit Commit Bot 2011-02-19 00:12:18 PST

Comment on attachment 83030 [details]
Patch for landing

Clearing flags on attachment: 83030

Committed r79106: <http://trac.webkit.org/changeset/79106>

Comment 5 WebKit Commit Bot 2011-02-19 00:12:23 PST

All reviewed patches have been landed.  Closing bug.