-
commit-queue@webkit.org authored
against the URL when checking for reflection. Avoids getting caugh up in trailing comments. https://bugs.webkit.org/show_bug.cgi?id=68094 Patch by Tom Sepez <tsepez@chromium.org> on 2011-09-22 Reviewed by Adam Barth. Source/WebCore: Tests: http/tests/security/xssAuditor/script-tag-with-trailing-comment.html http/tests/security/xssAuditor/script-tag-with-trailing-comment2.html http/tests/security/xssAuditor/script-tag-with-trailing-comment3.html * html/parser/XSSAuditor.cpp: (WebCore::XSSAuditor::filterTokenAfterScriptStartTag): (WebCore::XSSAuditor::extractCodeFragment): * html/parser/XSSAuditor.h: LayoutTests: * http/tests/security/xssAuditor/resources/echo-intertag.pl: * http/tests/security/xssAuditor/script-tag-with-trailing-comment-expected.txt: Added. * http/tests/security/xssAuditor/script-tag-with-trailing-comment.html: Added. * http/tests/security/xssAuditor/script-tag-with-trailing-comment2-expected.txt: Added. * http/tests/security/xssAuditor/script-tag-with-trailing-comment2.html: Added. * http/tests/security/xssAuditor/script-tag-with-trailing-comment3-expected.txt: Added. * http/tests/security/xssAuditor/script-tag-with-trailing-comment3.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95774 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2e3b7d95