DescriptionMerge 57386 - 2010-04-09 Abhishek Arya <inferno@chromium.org>
Reviewed by Adam Barth.
Prevent HTTP responses served with JSON content type from being rendered as HTML.
Test: http/tests/security/xss-DENIED-mime-type-execute-as-html.html
* dom/DOMImplementation.cpp:
(WebCore::DOMImplementation::isTextMIMEType): Render application/json as text/plain.
* platform/MIMETypeRegistry.cpp:
(WebCore::initializeSupportedNonImageMimeTypes): Add a compile assert to prevent addition of new mime types in non-image types.
2010-04-09 Abhishek Arya <inferno@chromium.org>
Reviewed by Adam Barth.
Test non-image and javascript mime types are not rendered as HTML.
* http/tests/security/resources/send-mime-types.php: Added.
* http/tests/security/xss-DENIED-mime-type-execute-as-html-expected.txt: Added.
* http/tests/security/xss-DENIED-mime-type-execute-as-html.html: Added.
BUG=38105
TEST=NONE
TBR=abarth@webkit.org
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=49840
Patch Set 1 #
Messages
Total messages: 1 (0 generated)
|