New issue
Advanced search Search tips

Issue 705885 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Mar 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

XSS in browser by typing Data URL into the address box

Reported by andreash...@gmail.com, Mar 28 2017

Issue description

hello i am reporting this xss in browser :D 
 
xss in google browser.png
11.2 KB View Download
Components: UI>Browser>Omnibox
Labels: -Restrict-View-SecurityTeam allpublic
Status: WontFix (was: Unconfirmed)
Summary: XSS in browser by typing Data URL into the address box (was: XSS in browser)
Typing JavaScript into the address bar does not represent a security vulnerability. More discussion can be found here: https://www.chromium.org/Home/chromium-security/security-faq#TOC-Does-entering-JavaScript:-URLs-in-the-URL-bar-or-running-script-in-the-developer-tools-mean-there-s-an-XSS-vulnerability-

Sign in to add a comment