    Make XSSAuditor extract meaningful snippet from script blocks for comparison · 2e3b7d95
    commit-queue@webkit.org authored
    against the URL when checking for reflection.  Avoids getting caught up in
    trailing comments.
    https://bugs.webkit.org/show_bug.cgi?id=68094
    
    Patch by Tom Sepez <tsepez@chromium.org> on 2011-09-22
    Reviewed by Adam Barth.
    
    Source/WebCore:
    
    Tests: http/tests/security/xssAuditor/script-tag-with-trailing-comment.html
           http/tests/security/xssAuditor/script-tag-with-trailing-comment2.html
           http/tests/security/xssAuditor/script-tag-with-trailing-comment3.html
    
    * html/parser/XSSAuditor.cpp:
    (WebCore::XSSAuditor::filterTokenAfterScriptStartTag):
    (WebCore::XSSAuditor::extractCodeFragment):
    * html/parser/XSSAuditor.h:
    
    LayoutTests:
    
    * http/tests/security/xssAuditor/resources/echo-intertag.pl:
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment-expected.txt: Added.
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment.html: Added.
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment2-expected.txt: Added.
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment2.html: Added.
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment3-expected.txt: Added.
    * http/tests/security/xssAuditor/script-tag-with-trailing-comment3.html: Added.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95774 268f45cc-cd09-0410-ab3c-d52691b4dbfc