Bug 316394 covered both CSS escapes and HTML numeric entities.
This has now been posted to a higher profile site (microsoft) http://blogs.technet.com/bluehat/archive/2008/08/14/targeted-fuzzing.aspx
The branch merge for bug 316394 fixes this testcase.
Fixed by backporting bug 316394. I checked in an HTML test for this. We can use bug 316394 to track the xpcom unit tests needed here.
9 years ago
Verified FIXED using : Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:126.96.36.199) Gecko/2008082909 Firefox/188.8.131.52, which yields http://www.moz�illa.com/. Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:184.108.40.206) Gecko/2008070205 Firefox/220.127.116.11, however, has http://www.mozilla.com. Replacing fixed18.104.22.168 keyword with verified22.214.171.124; additionally, since this bug seems scoped to the 1.8 branch, marking its state as VERIFIED FIXED.