Is this a duplicate of *https://bugs.webkit.org/show_bug.cgi?id=106160 <https://bugs.webkit.org/show_bug.cgi?id=106160>* ?
If so, Caja and SES are already safe against this one by virtue of the CANT_SAFELY_VERIFY_SYNTAX repair <https://code.google.com/p/google-caja/source/browse/trunk/src/com/google/caja/ses/repairES5.js#490>. On Thu, Aug 14, 2014 at 1:59 PM, Mike Stay <[email protected]> wrote: > Guest code can crash the browser. It may be further exploitable with more > cleverness. > https://bugs.webkit.org/show_bug.cgi?id=131137 > > -- > > --- > You received this message because you are subscribed to the Google Groups > "Google Caja Discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- Text by me above is hereby placed in the public domain Cheers, --MarkM -- --- You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
