[giow] (3) Security: data: URLs shouldn't get the origin of a redirector, since that...
authorIan Hickson <ian@hixie.ch>
Fri, 31 May 2013 20:13:13 +0000 (20:13 +0000)
committerIan Hickson <ian@hixie.ch>
Fri, 31 May 2013 20:13:13 +0000 (20:13 +0000)
commit9d54bd460b830134591b4fdb6b36600b24b44fdd
treebe0faff95942a27116af57840ec23b02f05ec3e2
parent12465df7e78a3dba12660147d0b5287e8289c095
[giow] (3) Security: data: URLs shouldn't get the origin of a redirector, since that redirector might be tricked into redirecting a data: URLs by a hostile origin, thus letting that hostile origin expose a same-origin data: URL.
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=21506
Affected topics: Security

git-svn-id: http://svn.whatwg.org/webapps@7881 340c8d12-0b0e-0410-8428-c7bf67bfef74
complete.html
index
source