W3C home > Mailing lists > Public > www-international@w3.org > October to December 2014

[Bug 16691] Fix euc-kr

From: <bugzilla@jessica.w3.org>
Date: Wed, 05 Nov 2014 09:23:50 +0000
To: www-international@w3.org
Message-ID: <bug-16691-4285-ZVmZrQqKhT@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=16691

--- Comment #15 from Anne <annevk@annevk.nl> ---
Jungshik, the reason that happens is that otherwise there's an XSS risk. You
can inject a lead byte to make sure a byte in the 0x00-0x7F range does not get
seen and bytes in that range are often important delimiters. See bug 19961 for
more details and getting these kind of security considerations into the
specification.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Wednesday, 5 November 2014 09:23:51 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 21 September 2016 22:37:38 UTC