The Vulnerability History Project

Warning: Our website does not support Internet Explorer, please use Edge instead.

Use data:, rather than about:blank as a substitute form action so the resulting blank page will have an unique origin.

      This is similar to the work we did in XSSAuditorDelegate for the mode=block
case, where we used the SecurityOrigin::urlWithUniqueOrign constant.  We can't
use that here due to threading.

Testing is covered by rebasing the existing test cases.
BUG=331060
R=abarth@chromium.org

Review URL: https://codereview.chromium.org/124973004

git-svn-id: svn://svn.chromium.org/blink/trunk@164538 bbb929c8-8fbe-4397-9dbb-9b2b20218538

by Bernard the Sea Lion 2014-01-07 01:09:29 UTC

commit a6d23b1b720689b2247e9e046f0be4e1eaf8f314

Chromium Fix CVE-2013-6657

third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/form-action-expected.txt

+1 -1

third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/formaction-on-button-expected.txt

+1 -1

third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/formaction-on-input-expected.txt

+1 -1

third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp

+3 -10