[Bug 10523] Scripting disabled check should happen after setting 'already started'


--- Comment #3 from contributor@whatwg.org  2010-09-25 19:59:42 ---
Checked in as WHATWG revision r5499.
Check-in comment: Make policy checks for <script> happen after the flag is set
that prevents the script from being run again, so that if somehow an attacker
causes a document to be reinserted somewhere that has scripts enabled, the
scripts still won't run.

Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Saturday, 25 September 2010 19:59:44 UTC