зеркало из https://github.com/mozilla/pjs.git
Bug 414064 part 1. Mark UTF-7 as being vulnerable to XSS attacks. r=VYV03354@nifty.ne.jp
This commit is contained in:
Родитель
7e664f367c
Коммит
f8a49c58f1
|
@ -43,7 +43,7 @@
|
|||
## Format of this file:
|
||||
##
|
||||
## charset_name.notForBrowser = anything - specifies that this charset is
|
||||
## not to be used in the browser
|
||||
## not to be exposed in the browser charset selection UI
|
||||
## charset_name.notForOutgoing = anything - specifies that this charset is
|
||||
## not to be used for exporting files ('SaveAsCharset' in composer)
|
||||
##
|
||||
|
@ -55,25 +55,39 @@
|
|||
##
|
||||
## charset_name.isMultibyte = multi byte charsets
|
||||
|
||||
# notForBrowser falls into four categories:
|
||||
#
|
||||
# charsets that we need decoders for, that we don't expect ever to appear in
|
||||
# web content
|
||||
# XXX do we still need to support t.61?
|
||||
t.61-8bit.notForBrowser = true
|
||||
x-imap4-modified-utf7.notForBrowser = true
|
||||
|
||||
# charsets that are subsets or variants of other charsets. We implement them
|
||||
# as aliases to the superset
|
||||
windows-936.notForBrowser = true
|
||||
us-ascii.notForBrowser = true
|
||||
iso-8859-6-e.notForBrowser = true
|
||||
iso-8859-6-i.notForBrowser = true
|
||||
ibm864i.notForBrowser = true
|
||||
iso-8859-8-e.notForBrowser = true
|
||||
|
||||
# platform charsets that don't appear in web content
|
||||
ibm869.notForBrowser = true
|
||||
ibm1125.notForBrowser = true
|
||||
ibm1131.notForBrowser = true
|
||||
iso-8859-8-e.notForBrowser = true
|
||||
utf-7.notForBrowser = true
|
||||
|
||||
# charset with isXSSVulnerable
|
||||
x-mac-arabic.notForBrowser = true
|
||||
x-mac-farsi.notForBrowser = true
|
||||
x-mac-hebrew.notForBrowser = true
|
||||
x-imap4-modified-utf7.notForBrowser = true
|
||||
utf-7.notForBrowser = true
|
||||
|
||||
x-mac-arabic.isXSSVulnerable = true
|
||||
x-mac-farsi.isXSSVulnerable = true
|
||||
x-mac-hebrew.isXSSVulnerable = true
|
||||
x-imap4-modified-utf7.isXSSVulnerable = true
|
||||
utf-7.isXSSVulnerable = true
|
||||
|
||||
t.61-8bit.notForOutgoing = true
|
||||
utf-7.notForOutgoing = true
|
||||
|
|
Загрузка…
Ссылка в новой задаче