W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > April 2011

[Bug 12469] Dynamic Cross-Site Scripting and Page Repainting

From: <bugzilla@jessica.w3.org>
Date: Mon, 11 Apr 2011 12:26:37 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Q9GCT-0000li-Ns@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=12469

--- Comment #1 from Simon <simon.young90@live.com> 2011-04-11 12:26:37 UTC ---
The <plaintext> function would be better implimented using CSS styles applied
to a contatiner, to avoid XSS attacks from starting with
"</plaintext><script>.."

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Monday, 11 April 2011 12:26:39 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 16:31:08 UTC