Bug 1387355

EventSource: ignore IDs with U+0000

NEW

Unassigned

Get help with this page

Status

()

Product:

Component:

Importance:

normal

Status:

NEW

Reported:

a year ago

Modified:

a year ago

People

(Reporter: annevk, Unassigned)

Tracking

Version:

unspecified

Target:

---

Points:

---

Firefox Tracking Flags

(Not tracked)

Details

Anne (:annevk)

(Reporter)

Description

•

a year ago

Change to standard: https://github.com/whatwg/html/pull/2849

Proposed tests (still need review): https://github.com/w3c/web-platform-tests/pull/6584

It seems good to fix this as this is the only way for someone to smuggle a U+0000 into a header value.

Andrew Overholt [:overholt]

Updated

•

a year ago

Priority: -- → P2

You need to log in before you can comment on or make changes to this bug.

Bugzilla

EventSource: ignore IDs with U+0000

Status

()

People

(Reporter: annevk, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Security

(public)

User Story

Description

Updated