Bug 1584216 Comment 4 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Henri, there seem to be some related null byte issues according to https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

- Firefox allows NULLs after &, e.g. go to `data:text/html,<a href="javascript&%00%23x3a;alert(1)">Firefox</a>`
- Firefox allows NULLs inside named entities, e.g., `data:text/html,<a href="javascript&%00co%00lon;alert(1)">Firefox</a>`


Would this patch address those cases? If not, would it make sense to do so?
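
If a parser behaves as this comment reports, a filter that decodes character references without first discarding U+0000 sees no `javascript:` scheme in either value. The following is an added example, not part of the bug or of any Firefox patch: a conservative scheme check that removes U+0000 before decoding. The function names and the reduced entity table are assumptions made for illustration.

```javascript
// Added example: conservative scheme check for attribute values, assuming a
// parser that drops U+0000 inside character references (as reported above).
const NAMED = { colon: ":", Tab: "\t", NewLine: "\n", amp: "&" }; // small subset, for illustration

// Decode numeric and (a subset of) named character references.
function decodeRefs(s) {
  return s.replace(/&(#[xX][0-9a-fA-F]+|#[0-9]+|[A-Za-z][A-Za-z0-9]*);/g, (m, body) => {
    if (body[0] === "#") {
      const hex = body[1] === "x" || body[1] === "X";
      const cp = parseInt(body.slice(hex ? 2 : 1), hex ? 16 : 10);
      return cp > 0 && cp <= 0x10ffff ? String.fromCodePoint(cp) : "\uFFFD";
    }
    return Object.prototype.hasOwnProperty.call(NAMED, body) ? NAMED[body] : m;
  });
}

// Return the lower-cased URL scheme of a raw attribute value, or null.
// dropNul=true models the lenient behaviour; false models a filter that leaves NULs in place.
function effectiveScheme(rawAttr, dropNul = true) {
  const src = dropNul ? rawAttr.replace(/\u0000/g, "") : rawAttr;
  const url = decodeRefs(src)
    .replace(/[\t\n\r]/g, "")          // URL parsing removes ASCII tab and newline
    .replace(/^[\u0000-\u0020]+/, ""); // and leading C0 control or space
  const m = /^([A-Za-z][A-Za-z0-9+.\-]*):/.exec(url);
  return m ? m[1].toLowerCase() : null;
}

// Treat the value as a script URL if the lenient interpretation yields javascript:.
function isScriptUrl(rawAttr) {
  return effectiveScheme(rawAttr, true) === "javascript";
}

// Constructed samples: the two href values from the comment, with %00 already
// decoded to U+0000, plus one ordinary link.
const SAMPLES = [
  "javascript&\u0000#x3a;alert(1)",
  "javascript&\u0000co\u0000lon;alert(1)",
  "https://example.com/?a=1&amp;b=2",
];
```
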
