[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
commit-queue at webkit.org
commit-queue at webkit.org
Wed Dec 22 13:11:24 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 43d19b917813d7ce567c89955856f73e6674eaff
Author: commit-queue at webkit.org <commit-queue at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Wed Sep 8 15:18:36 2010 +0000
2010-09-08 Sergio Villar Senin <svillar at igalia.com>
Reviewed by Adam Barth.
Errors in LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
https://bugs.webkit.org/show_bug.cgi?id=45377
The test passes a MIME type as argument of a URL. A PHP code uses
that MIME type to fill the Content-Type of the response. If the
MIME type is application/rss+xml the php decodes the '+' as a
blank space and thus the returned content type is incorrectly set
to "rss xml" instead of "rss+xml".
* http/tests/security/resources/send-mime-types.php:
* http/tests/security/xss-DENIED-mime-type-execute-as-html.html:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@66985 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index cb90141..43a2f18 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,19 @@
+2010-09-08 Sergio Villar Senin <svillar at igalia.com>
+
+ Reviewed by Adam Barth.
+
+ Errors in LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
+ https://bugs.webkit.org/show_bug.cgi?id=45377
+
+ The test passes a MIME type as argument of a URL. A PHP code uses
+ that MIME type to fill the Content-Type of the response. If the
+ MIME type is application/rss+xml the php decodes the '+' as a
+ blank space and thus the returned content type is incorrectly set
+ to "rss xml" instead of "rss+xml".
+
+ * http/tests/security/resources/send-mime-types.php:
+ * http/tests/security/xss-DENIED-mime-type-execute-as-html.html:
+
2010-09-07 Martin Robinson <mrobinson at igalia.com>
Reviewed by Dirk Schulze.
diff --git a/LayoutTests/http/tests/security/resources/send-mime-types.php b/LayoutTests/http/tests/security/resources/send-mime-types.php
index 4250eda..50a1d28 100644
--- a/LayoutTests/http/tests/security/resources/send-mime-types.php
+++ b/LayoutTests/http/tests/security/resources/send-mime-types.php
@@ -1,5 +1,5 @@
<?php
- $mime_type = urldecode($_GET["mt"]);
+ $mime_type = $_GET["mt"];
header("Content-Type: ".$mime_type);
diff --git a/LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html b/LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
index 5699e44..4cb5836 100644
--- a/LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
+++ b/LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
@@ -16,7 +16,7 @@ var mime_types = ["application/atom+xml", "application/json",
for(var i in mime_types) {
var ifr = document.createElement('iframe');
- ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + escape(mime_types[i]);
+ ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + encodeURIComponent(mime_types[i]);
document.body.appendChild(ifr);
}
</script>
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list