Updates:
Cc: scarybeasts
Comment #18 on issue 20450 by aba...@chromium.org: Chromium shouldn't allow
XHR to local directories
http://code.google.com/p/chromium/issues/detail?id=20450
The fix should be in WebKit, not in the browser, if we can help it. We
should look
at the code, but I think a trailing "/" in the URL might be dispositive.
We can block access by returning false when we get a canRequest for these
URLs and
setting noAccess when we load these URLs into frames.
The Firefox policy is most subtle.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
