Chromium Code Reviews

Issue 1179633002: Prevent linear-time forcing of tokens by inducing XSSAuditor page blocks. (Closed)

Created:
5 years, 6 months ago by Tom Sepez
Modified:
5 years, 6 months ago
Reviewers:
Mike West
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Target Ref:
refs/heads/master
Project:
blink
Visibility:
Public.

Description

Prevent linear-time forcing of tokens by inducing XSSAuditor page blocks.

The page itself must control where the fragment to match ends, otherwise leading-substring matches may be induced. The pre-conditions required for this are expected to be uncommon.

BUG=498982

Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=196971

Patch Set 1: Test cases

Patch Set 2: Fix leading substring match.

Patch Set 3: Fix expected result.

Total comments: 1

Patch Set 4: Style.

Stats (+50 lines, -2 lines)
A LayoutTests/http/tests/security/xssAuditor/form-action-token-fragment.html (1 chunk, +29 lines, -0 lines, 0 comments)
A LayoutTests/http/tests/security/xssAuditor/form-action-token-fragment-expected.txt (1 chunk, +8 lines, -0 lines, 0 comments)
M LayoutTests/http/tests/security/xssAuditor/resources/echo-form-action.pl (2 chunks, +5 lines, -1 line, 0 comments)
M Source/core/html/parser/XSSAuditor.cpp (1 chunk, +8 lines, -1 line, 0 comments)

Messages

Total messages: 7 (3 generated)
Tom Sepez
Mike, for review.
5 years, 6 months ago (2015-06-10 22:38:16 UTC) #2
Mike West
This seems like a reasonable approach. I'm a tiny bit worried that this will open ...
5 years, 6 months ago (2015-06-11 06:01:27 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1179633002/60001
5 years, 6 months ago (2015-06-11 16:49:30 UTC) #6
commit-bot: I haz the power
5 years, 6 months ago (2015-06-11 20:25:38 UTC) #7
Message was sent while issue was closed.
Committed patchset #4 (id:60001) as
https://src.chromium.org/viewvc/blink?view=rev&revision=196971
