/[blink]
Chromium logo

Revision 164538


Jump to revision: Previous Next
Author: tsepez@chromium.org
Date: Tue Jan 7 01:09:29 2014 UTC (9 years, 4 months ago)
Changed paths: 4
Log Message:
Use data:, rather than about:blank as a substitute form action so the resulting blank page will have an unique origin.

This is similar to the work we did in XSSAuditorDelegate for the mode=block
case, where we used the SecurityOrigin::urlWithUniqueOrign constant.  We can't
use that here due to threading.

Testing is covered by rebasing the existing test cases.
BUG=331060
R=abarth@chromium.org

Review URL: https://codereview.chromium.org/124973004

Changed paths

Path Details
Directorytrunk/LayoutTests/http/tests/security/xssAuditor/form-action-expected.txt modified , text changed
Directorytrunk/LayoutTests/http/tests/security/xssAuditor/formaction-on-button-expected.txt modified , text changed
Directorytrunk/LayoutTests/http/tests/security/xssAuditor/formaction-on-input-expected.txt modified , text changed
Directorytrunk/Source/core/html/parser/XSSAuditor.cpp modified , text changed

Properties

Name Value
commit-bot commit-bot@chromium.org

Powered by ViewVC 1.1.26 ViewVC Help