Bug 93416 - XSS blocker false positive when page contains <iframe src="">
Summary: XSS blocker false positive when page contains <iframe src="">
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Thomas Sepez
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-08-07 17:42 PDT by Matthew Dempsky
Modified: 2012-11-01 18:22 PDT (History)
4 users (show)

See Also:


Attachments
Test cases (3.57 KB, patch)
2012-08-15 15:53 PDT, Thomas Sepez
no flags Details | Formatted Diff | Diff
Patch (6.44 KB, patch)
2012-11-01 14:39 PDT, Thomas Sepez
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Matthew Dempsky 2012-08-07 17:42:43 PDT
Chrome 21.0.1180.57 beta has false positives for URLs containing %3Ciframe%20src=%22 as a query parameter.
Comment 1 Thomas Sepez 2012-08-09 09:49:23 PDT
... and for which the page naturally contains an <iframe ... src="">
Comment 2 Thomas Sepez 2012-08-15 15:53:54 PDT
Created attachment 158652 [details]
Test cases
Comment 3 Thomas Sepez 2012-11-01 14:39:19 PDT
Created attachment 171933 [details]
Patch

Might as well take care of this one while I'm active in the XSSAuditor.
Comment 4 Adam Barth 2012-11-01 14:52:32 PDT
Comment on attachment 171933 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=171933&action=review

> LayoutTests/http/tests/security/xssAuditor/iframe-injection-allowed.html:7
> +  testRunner.dumpAsText();
> +  testRunner.setXSSAuditorEnabled(true);

nit: four-space indent.
Comment 5 WebKit Review Bot 2012-11-01 18:22:37 PDT
Comment on attachment 171933 [details]
Patch

Clearing flags on attachment: 171933

Committed r133249: <http://trac.webkit.org/changeset/133249>
Comment 6 WebKit Review Bot 2012-11-01 18:22:41 PDT
All reviewed patches have been landed.  Closing bug.