DescriptionBlock Adobe Reader from issuing NPN_GetURL/NPN_GetURLRequests for URL schemes other than http/https/ftp. This mimics Firefox behavior and works around bug http://b/issue?id=1543405 which is a XSS vulnerability in the Adobe Reader plugin where it allows javascript in the parameters passed in to the URL.Bug=1543405
R=jam
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=8159
Patch Set 1 #
Total comments: 2
Patch Set 2 : '' #Patch Set 3 : '' #Patch Set 4 : '' #Patch Set 5 : '' #
Messages
Total messages: 4 (0 generated)
|