Issue 705885 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Mar 2017
Components:	UI>Browser>Omnibox
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	----
Type:	Bug-Security
allpublic

XSS in browser by typing Data URL into the address box

Reported by andreash...@gmail.com, Mar 28 2017

Issue description

hello i am reporting this xss in browser :D

	xss in google browser.png 11.2 KB View Download

Comment 1 by elawrence@chromium.org, Mar 28 2017

Components: UI>Browser>Omnibox
Labels: -Restrict-View-SecurityTeam allpublic
Status: WontFix (was: Unconfirmed)
Summary: XSS in browser by typing Data URL into the address box (was: XSS in browser)

Typing JavaScript into the address bar does not represent a security vulnerability. More discussion can be found here: https://www.chromium.org/Home/chromium-security/security-faq#TOC-Does-entering-JavaScript:-URLs-in-the-URL-bar-or-running-script-in-the-developer-tools-mean-there-s-an-XSS-vulnerability-

►

Issue 705885 link

Issue metadata

XSS in browser by typing Data URL into the address box

Issue description

Comment 1 by elawrence@chromium.org, Mar 28 2017

Comment 1 Deleted

Sign in to add a comment