W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > August 2010

[Bug 9834] Please restrict the quirk to same-origin loads per CVE-2010-0654

From: <bugzilla@jessica.w3.org>
Date: Thu, 26 Aug 2010 01:47:10 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1OoRYc-0006c7-Mj@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=9834





--- Comment #2 from contributor@whatwg.org  2010-08-26 01:47:10 ---
Checked in as WHATWG revision r5353.
Check-in comment: rel=stylesheet should only override HTTP same-origin, to
avoid cross-origin data theft
http://html5.org/tools/web-apps-tracker?from=5352&to=5353

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Thursday, 26 August 2010 01:47:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:21 UTC