83794 – Typos in LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag*.html

RESOLVED FIXED 83794

Typos in LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag*.html

https://bugs.webkit.org/show_bug.cgi?id=83794

Summary Typos in LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag...

Thomas Sepez

Reported 2012-04-12 11:04:04 PDT

Several changes needed to make the XSS in these test cases fire against actual vulnerable browser: - %24 appears in a few places where %23 is required. - Appears webkit's httpd will terminate query parameters at unencoded semicolons ( ; ) - Misordered </svg></script> tags. The tests are still valid, but it is more intuitive to see the XSS pop up.

Attachments
Patch (3.66 KB, patch) 2012-04-12 11:17 PDT, Thomas Sepez	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Thomas Sepez

Comment 1 2012-04-12 11:17:20 PDT

Created attachment 136937 [details] Patch Only tests modified.

WebKit Review Bot

Comment 2 2012-04-12 11:57:41 PDT

Comment on attachment 136937 [details] Patch Clearing flags on attachment: 136937 Committed r114010: <http://trac.webkit.org/changeset/114010>

WebKit Review Bot

Comment 3 2012-04-12 11:57:47 PDT

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Trivial

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component WebCore Misc.

Assignee

Thomas Sepez

Reported

2012-04-12 11:04 PDT

Modified

2012-04-12 11:57 PDT History

CC List

3 users Show

URL

Keywords XSSAuditor

Depends on

Blocks