W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > September 2010

[Bug 10523] Scripting disabled check should happen after setting 'already started'

From: <bugzilla@jessica.w3.org>
Date: Sat, 25 Sep 2010 19:59:43 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1OzauN-0001wa-8i@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=10523





--- Comment #3 from contributor@whatwg.org  2010-09-25 19:59:42 ---
Checked in as WHATWG revision r5499.
Check-in comment: Make policy checks for <script> happen after the flag is set
that prevents the script from being run again, so that if somehow an attacker
causes a document to be reinserted somewhere that has scripts enabled, the
scripts still won't run.
http://html5.org/tools/web-apps-tracker?from=5498&to=5499

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Saturday, 25 September 2010 19:59:44 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:25 UTC