

New XSS Bypass on Google Chrome filter - viana007
http://html5sec.org/title?xss=%3C/title%3E%3Cframeset%3E%3Cframe%20src=%22data:text/html,%3Cscript%3Ealert(1)%3C/script%3E%22%3E

======
waraey
Awesome. First noticed that Chrome was blocking XSS attempts a week ago. It
seems that if Chrome want's to move in the direction of ignoring specs and
standards for security means, they are headed down the lines of IE.

------
mrng
Firefox 21 (Windows) seems to be vulnerable, too.

