Closed Bug 443177 Opened 16 years ago Closed 3 years ago

JavaScript Protocol Susceptible to Fuzzing

Categories

(Core :: DOM: Core & HTML, defect, P5)

defect

Tracking

()

RESOLVED INCOMPLETE

People

(Reporter: jeresig, Unassigned)

References

()

Details

Attachments

(1 file)

A number of cases have come up where nonsense characters can be inserted into the javascript: protocol handler and it'll still parse and execute normally - causing significant problems for XSS detectors.
Blocks: xss
Version: unspecified → Trunk
What is the actual bug here?
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: