This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
Back to bug 14329
Who | When | What | Removed | Added |
---|---|---|---|---|
html5 | 2011-09-28 18:25:51 UTC | CC | html5 | |
Summary | I believe the possible DoS attack "message flooding" should be addressed i.e. a rogue domain uses "postMessage" to crash an implementation, crash another window etc. Jean-Lou Dupont html5@jldupont.com | I believe the possible DoS attack "message flooding" should be addressed i.e. a rogue domain uses "postMessage" to crash an implementation, crash another window etc. Jean-Lou Dupont | ||
ian | 2011-10-02 16:40:30 UTC | CC | ian | |
ian | 2011-10-17 22:25:17 UTC | Status | NEW | ASSIGNED |
ian | 2011-10-18 20:25:47 UTC | Summary | I believe the possible DoS attack "message flooding" should be addressed i.e. a rogue domain uses "postMessage" to crash an implementation, crash another window etc. Jean-Lou Dupont | Add a warning about high-volume traffic through MessagePort being a DOS risk for UAs and scripts |
ian | 2011-10-25 00:01:10 UTC | Status | ASSIGNED | RESOLVED |
Resolution | --- | FIXED |
Back to bug 14329