| OLD | NEW |
|---|
| 1 #!/usr/bin/perl -wT | 1 #!/usr/bin/perl -wT |
| 2 use strict; | 2 use strict; |
| 3 use CGI; | 3 use CGI; |
| 4 | 4 |
| 5 my $cgi = new CGI; | 5 my $cgi = new CGI; |
| 6 | 6 |
| 7 print "X-XSS-Protection: 1\n"; |
| 7 print "Content-Type: text/html; charset=UTF-8\n\n"; | 8 print "Content-Type: text/html; charset=UTF-8\n\n"; |
| 8 | 9 |
| 9 print "<!DOCTYPE html>\n"; | 10 print "<!DOCTYPE html>\n"; |
| 10 print "<html>\n"; | 11 print "<html>\n"; |
| 11 print "<script>\n"; | 12 print "<script>\n"; |
| 12 print "onload = function() {\n"; | 13 print "onload = function() {\n"; |
| 13 print " window.parent.postMessage('loaded', '*');\n"; | 14 print " window.parent.postMessage('loaded', '*');\n"; |
| 14 print "}\n"; | 15 print "}\n"; |
| 15 print "</script>\n"; | 16 print "</script>\n"; |
| 16 print "<body>\n"; | 17 print "<body>\n"; |
| 17 print "<object id=\"object\" name=\"plugin\" type=\"application/x-blink-test-plu
gin\">\n"; | 18 print "<object id=\"object\" name=\"plugin\" type=\"application/x-blink-test-plu
gin\">\n"; |
| 18 print "<param name=\"movie\" value=\"".$cgi->param('q')."\" />\n"; | 19 print "<param name=\"movie\" value=\"".$cgi->param('q')."\" />\n"; |
| 19 print "</object>\n"; | 20 print "</object>\n"; |
| 20 print "</body>\n"; | 21 print "</body>\n"; |
| 21 print "</html>\n"; | 22 print "</html>\n"; |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2524013002:
XSS Auditor: Block by default. (Closed)
