WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
69708
Remove "near miss" XSS vulnerabilities in garden-o-matic
https://bugs.webkit.org/show_bug.cgi?id=69708
Summary
Remove "near miss" XSS vulnerabilities in garden-o-matic
Adam Barth
Reported
2011-10-08 14:05:28 PDT
Remove "near miss" XSS vulnerabilities in garden-o-matic
Attachments
Patch
(4.30 KB, patch)
2011-10-08 14:06 PDT
,
Adam Barth
no flags
Details
Formatted Diff
Diff
Patch for landing
(4.31 KB, patch)
2011-10-09 19:14 PDT
,
Adam Barth
no flags
Details
Formatted Diff
Diff
Show Obsolete
(1)
View All
Add attachment
proposed patch, testcase, etc.
Adam Barth
Comment 1
2011-10-08 14:06:58 PDT
Created
attachment 110282
[details]
Patch
David Levin
Comment 2
2011-10-09 18:58:07 PDT
Comment on
attachment 110282
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=110282&action=review
> Tools/BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/scripts/ui.js:80 > + if (tab.parentNode != this)
I'm sure this is obvious to you (and maybe to others?), but I don't understand why this check is need/what it is doing. Maybe you could add a comment about that (and commit it). If it is totally obvious, feel free to just add something in the bug and cq+ this.
Adam Barth
Comment 3
2011-10-09 19:11:53 PDT
getElementById is a global function. It could return a DOM node anywhere in the document (which could have been put their by an attacker). That check just restricts it to the immediate children of this node, which greatly limits any trickery.
Adam Barth
Comment 4
2011-10-09 19:14:24 PDT
Created
attachment 110317
[details]
Patch for landing
WebKit Review Bot
Comment 5
2011-10-09 19:28:09 PDT
Comment on
attachment 110317
[details]
Patch for landing Clearing flags on attachment: 110317 Committed
r97036
: <
http://trac.webkit.org/changeset/97036
>
WebKit Review Bot
Comment 6
2011-10-09 19:28:14 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug