[Bug 10523] Scripting disabled check should happen after setting 'already started'

http://www.w3.org/Bugs/Public/show_bug.cgi?id=10523





--- Comment #3 from contributor@whatwg.org  2010-09-25 19:59:42 ---
Checked in as WHATWG revision r5499.
Check-in comment: Make policy checks for <script> happen after the flag is set
that prevents the script from being run again, so that if somehow an attacker
causes a document to be reinserted somewhere that has scripts enabled, the
scripts still won't run.
http://html5.org/tools/web-apps-tracker?from=5498&to=5499

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Saturday, 25 September 2010 19:59:44 UTC