Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#3011 closed defect (fixed)

XhrIframeProxy: xip_client.html and xip_server.html have inadequate protections for XSS

Reported by: James Burke Owned by: James Burke
Priority: high Milestone:
Component: IO Version: 0.4.1
Keywords: Cc:
Blocked By: Blocking:

Description

xip_client.html and xip_server.html have weaknesses that could allow for certain types of cross site scripting attacks. The issues started in 0.4.1.

Change History (5)

comment:1 Changed 12 years ago by James Burke

Resolution: fixed
Status: newclosed

(In [8610]) Fixes #3011.

comment:2 Changed 12 years ago by James Burke

Resolution: fixed

(In [8611]) Fixes #3011.

comment:3 Changed 12 years ago by James Burke

Resolution: fixed

(In [8612]) Fixes #3011.

comment:4 Changed 12 years ago by James Burke

Resolution: fixed

(In [8613]) Fixes #3011

comment:5 Changed 12 years ago by (none)

Milestone: 0.4.3

Milestone 0.4.3 deleted

Note: See TracTickets for help on using tickets.