Comment #10 on issue 17892 by [email protected]: History tab search
allows executing and viewing code
http://code.google.com/p/chromium/issues/detail?id=17892
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=26997
------------------------------------------------------------------------
r26997 | [email protected] | 2009-09-23 14:47:32 -0700 (Wed, 23 Sep
2009) | 9 lines
Changed paths:
M
http://src.chromium.org/viewvc/chrome/branches/195/src/chrome/browser/resources/downloads.html?r1=26997&r2=26996
M
http://src.chromium.org/viewvc/chrome/branches/195/src/chrome/browser/resources/history.html?r1=26997&r2=26996
Merge 26357 - Ensure that HTML can't be executed when entered on
the "Search History" or "Search downloads" pages.
BUG= http://crbug.com/17892
TEST= Open history / downloads page. Search for "<h1>HI</h1>". Note that
the HTML is not interpreted, but displayed as text.
Review URL: http://codereview.chromium.org/201129
[email protected]
Review URL: http://codereview.chromium.org/219019
------------------------------------------------------------------------
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
-~----------~----~----~----~------~----~------~--~---
