Remove "near miss" XSS vulnerabilities in garden-o-matic
Created attachment 110282 [details] Patch
Comment on attachment 110282 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=110282&action=review > Tools/BuildSlaveSupport/build.webkit.org-config/public_html/TestFailures/scripts/ui.js:80 > + if (tab.parentNode != this) I'm sure this is obvious to you (and maybe to others?), but I don't understand why this check is need/what it is doing. Maybe you could add a comment about that (and commit it). If it is totally obvious, feel free to just add something in the bug and cq+ this.
getElementById is a global function. It could return a DOM node anywhere in the document (which could have been put their by an attacker). That check just restricts it to the immediate children of this node, which greatly limits any trickery.
Created attachment 110317 [details] Patch for landing
Comment on attachment 110317 [details] Patch for landing Clearing flags on attachment: 110317 Committed r97036: <http://trac.webkit.org/changeset/97036>
All reviewed patches have been landed. Closing bug.