You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flex.apache.org by jm...@apache.org on 2016/11/03 06:43:36 UTC
git commit: [flex-sdk] [refs/heads/release4.16.0] - FLEX-35123 Fix
DOM XSS vulnerability for very old versions of Safari
Repository: flex-sdk
Updated Branches:
refs/heads/release4.16.0 2d698095a -> 4fa501472
FLEX-35123 Fix DOM XSS vulnerability for very old versions of Safari
Project: http://git-wip-us.apache.org/repos/asf/flex-sdk/repo
Commit: http://git-wip-us.apache.org/repos/asf/flex-sdk/commit/4fa50147
Tree: http://git-wip-us.apache.org/repos/asf/flex-sdk/tree/4fa50147
Diff: http://git-wip-us.apache.org/repos/asf/flex-sdk/diff/4fa50147
Branch: refs/heads/release4.16.0
Commit: 4fa501472d31de82d2f4cb29404c68c939099c69
Parents: 2d69809
Author: Justin Mclean <jm...@apache.org>
Authored: Thu Nov 3 17:43:14 2016 +1100
Committer: Justin Mclean <jm...@apache.org>
Committed: Thu Nov 3 17:43:14 2016 +1100
----------------------------------------------------------------------
templates/swfobject/history/history.js | 23 ++---------------------
1 file changed, 2 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/flex-sdk/blob/4fa50147/templates/swfobject/history/history.js
----------------------------------------------------------------------
diff --git a/templates/swfobject/history/history.js b/templates/swfobject/history/history.js
index 4db119c..e0c3183 100644
--- a/templates/swfobject/history/history.js
+++ b/templates/swfobject/history/history.js
@@ -262,27 +262,8 @@ BrowserHistory = (function() {
}
if (browser.safari && !browserHasHashChange) {
- // for Safari, submit a form whose action points to the desired URL
- if (browser.version <= 419.3) {
- var file = window.location.pathname.toString();
- file = file.substring(file.lastIndexOf("/")+1);
- getFormElement().innerHTML = '<form name="historyForm" action="'+file+'#' + flexAppUrl + '" method="GET"></form>';
- //get the current elements and add them to the form
- var qs = window.location.search.substring(1);
- var qs_arr = qs.split("&");
- for (var i = 0; i < qs_arr.length; i++) {
- var tmp = qs_arr[i].split("=");
- var elem = document.createElement("input");
- elem.type = "hidden";
- elem.name = tmp[0];
- elem.value = tmp[1];
- document.forms.historyForm.appendChild(elem);
- }
- document.forms.historyForm.submit();
- } else {
- top.location.hash = flexAppUrl;
- }
- // We also have to maintain the history by hand for Safari
+ top.location.hash = flexAppUrl;
+ // We have to maintain the history by hand for Safari
historyHash[history.length] = flexAppUrl;
_storeStates();
} else {