angler-fishThe Vulnerability History Project

XSSAuditor takes post body from current request, not the original request.

      In the face of a redirect, the information in the original body can't be
reflected in the final page, when we redirect from post to get, since the
get has no body.  And for a 307-style redirect from post to post, the body
will appear in the final post.

This avoids some false positives and also the possibility of some info
leaks from the original post.

BUG=331725
R=abarth@chromium.org

Review URL: https://codereview.chromium.org/128823003

git-svn-id: svn://svn.chromium.org/blink/trunk@164749 bbb929c8-8fbe-4397-9dbb-9b2b20218538
by Bernard the Sea Lion 2014-01-09 07:54:09 UTC
commit 64bebe14963d4059d2e5fdba3c8879b83acc39d0
Chromium Fix CVE-2013-6656
third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/resources/static-script.html
-9
third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/script-tag-post-redirect-expected.txt
-10
third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/script-tag-post-redirect.html
-26
third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp
+1 -1
expand_less