- From: Hao Li <web-platform-tests-notifications@w3.org>
- Date: Sat, 28 Jun 2014 11:03:12 GMT
- To: public-web-platform-tests-notifications@w3.org
- The value of the location request parameter is used to perform an HTTP redirect, this will cause a redirection to other website URL by attacker. So limit the open redirection in same domain. - It will print an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. Add try catch to avoid print sensitive information. View on GitHub: https://github.com/w3c/web-platform-tests/pull/1084
Received on Saturday, 28 June 2014 11:03:18 UTC