diff options
Diffstat (limited to 'Source/WebCore/html/parser/HTMLScriptRunner.cpp')
| -rw-r--r-- | Source/WebCore/html/parser/HTMLScriptRunner.cpp | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Source/WebCore/html/parser/HTMLScriptRunner.cpp b/Source/WebCore/html/parser/HTMLScriptRunner.cpp index 2fe1d30..c99858d 100644 --- a/Source/WebCore/html/parser/HTMLScriptRunner.cpp +++ b/Source/WebCore/html/parser/HTMLScriptRunner.cpp @@ -264,6 +264,7 @@ bool HTMLScriptRunner::requestPendingScript(PendingScript& pendingScript, Elemen ASSERT(!pendingScript.element()); const AtomicString& srcValue = script->getAttribute(srcAttr); // Allow the host to disllow script loads (using the XSSAuditor, etc.) + // FIXME: this check should be performed on the final URL in a redirect chain. if (!m_host->shouldLoadExternalScriptFromSrc(srcValue)) return false; // FIXME: We need to resolve the url relative to the element. |