Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(243)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1190433008: Prevent linear-time forcing of tokens by inducing XSSAuditor page blocks. (Closed)

Created:
5 years, 6 months ago by Tom Sepez
Modified:
5 years, 6 months ago
Reviewers:
CC:
blink-reviews, dglazkov+blink, blink-reviews-html_chromium.org
Target Ref:
refs/branch-heads/chromium/2403
Project:
blink
Visibility:
Public.

Description

Prevent linear-time forcing of tokens by inducing XSSAuditor page blocks. The page itself must control where the fragment to match ends, otherwise leading-substring matches may be induced. The pre-conditions required for this are expected to be uncommon. BUG=498982 Review URL: https://codereview.chromium.org/1179633002 git-svn-id: svn://svn.chromium.org/blink/trunk@196971 bbb929c8-8fbe-4397-9dbb-9b2b20218538 (cherry picked from commit 52e2a37cc5f36890d6015db7852ead73eac5c36c) Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=197177

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+50 lines, -2 lines) Patch
A LayoutTests/http/tests/security/xssAuditor/form-action-token-fragment.html View 1 chunk +29 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/xssAuditor/form-action-token-fragment-expected.txt View 1 chunk +8 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/xssAuditor/resources/echo-form-action.pl View 2 chunks +5 lines, -1 line 0 comments Download
M Source/core/html/parser/XSSAuditor.cpp View 1 chunk +8 lines, -1 line 0 comments Download

Messages

Total messages: 1 (0 generated)
Tom Sepez
5 years, 6 months ago (2015-06-16 16:22:16 UTC) #1
Message was sent while issue was closed. 
Committed patchset #1 (id:1) manually as 197177.

Powered by Google App Engine
This is Rietveld 408576698