- From: <bugzilla@wiggum.w3.org>
- Date: Tue, 15 Jun 2004 22:52:49 +0000
- To: www-validator-cvs@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=799 Summary: HTML, URI escaping issues Product: CSSValidator Version: CSS Validator Platform: Other OS/Version: other Status: NEW Severity: major Priority: P1 Component: Other AssignedTo: ot@w3.org ReportedBy: ville.skytta@iki.fi QAContact: www-validator-cvs@w3.org There are both HTML and URI escaping issues on the results page, and seemingly "inside" the CSS validator too. Missing HTML escaping, some variants: http://jigsaw.w3.org/css-validator/validator?uri=http%3A%2F%2Fjigsaw.w3.org%2F%3Ffoo%3D%3Cscript%3Ealert%28%22hello+world%22%29%3C%2Fscript%3E&usermedium=all http://jigsaw.w3.org/css-validator/validator?uri=%3Cscript%3Ealert%28%27hello+world%27%29%3C%2Fscript%3E&usermedium=all Missing HTML escaping, and malformed request URI also possibly sent on the wire: http://jigsaw.w3.org/css-validator/validator?uri=http%3A%2F%2Fwww.w3.org%2F%3Ffoo%3D%3Cscript%3Ealert%28%27hello+world%27%29%3C%2Fscript%3E&usermedium=all Missing URI escaping: http://jigsaw.w3.org/css-validator/validator?uri=http%3A%2F%2Fjigsaw.w3.org%2F%3Ffoo%3Dbar%26quux%3Dbaz&usermedium=all (See the "If you would like to create a link to this page ... the URI is:" part) ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact.
Received on Tuesday, 15 June 2004 18:52:50 UTC