R1:4bfbd209b224
R1:4bfbd209b224
Fix XSS hole in YouTube remarkup rule
Summary:
The source wasn't properly escaped.
Test Plan:
Made a comment like "http://youtube.com/?v="></iframe><h1>!!!</h1>"
Reviewed By: mroch
Reviewers: tomo, mroch, tuomaspelkonen, aran, jungejason
CC: aran, mroch
Differential Revision: 516
Summary:
The source wasn't properly escaped.
Test Plan:
Made a comment like "http://youtube.com/?v="></iframe><h1>!!!</h1>"
Reviewed By: mroch
Reviewers: tomo, mroch, tuomaspelkonen, aran, jungejason
CC: aran, mroch
Differential Revision: 516
Repository: R1 hydra
Commit Date: Jun 24 2011