Download
2012-02-22, 04:37:27
FYI, google recently added some XSS filtering to chrome.
When editing pages you might have issues. There seems to be alot of XSS reflection false positives going on.
I get javascript halts if I simply enter an img
<img src="http://domain.com/test.png" />
Console will show
Refused to execute a JavaScript script. Source code of script found within request.
Still investigating.
EDIT:
Only happening in 3.1, i wonder ifs its the new js queueing with the version numbers.
http://groups.google.com/a/chromium.org/...raot&pli=1
Supposedly you can send a header
X-XSS-Protection: 0
I guess ill try that only on edit pages.
When editing pages you might have issues. There seems to be alot of XSS reflection false positives going on.
I get javascript halts if I simply enter an img
<img src="http://domain.com/test.png" />
Console will show
Refused to execute a JavaScript script. Source code of script found within request.
Still investigating.
EDIT:
Only happening in 3.1, i wonder ifs its the new js queueing with the version numbers.
http://groups.google.com/a/chromium.org/...raot&pli=1
Supposedly you can send a header
X-XSS-Protection: 0
I guess ill try that only on edit pages.
