URL Request parameters with Javascript break page rendering

Fixed Issue #8820544

Details

Created
Sep 9, 2016
Privacy
This issue is public.
Found in
  • Internet Explorer
Reports
Reported by 9 people

Sign in to watch or report this issue.

Steps to reproduce

  1. Go to the following URL:

http://output.jsbin.com/zuhupasebu

Expected: javascript:doStuff() is rendered on the page.
Actual: javascript:doStuff() is rendered on the page.

  1. Go to the following URL:

http://output.jsbin.com/zuhupasebu?javascript:doStuff()

Expected: javascript:doStuff() is rendered on the page.
Actual: # is rendered on the page with a message - "Internet Explorer has modified this page to help prevent cross-site scripting.".

Attachments

0 attachments

    Comments and activity

    • Experiencing the exact same issue… please fix.

    • Also experiencing this issue, this is affecting a lot of my customers and becoming an increasing issue.

    • This is causing a lot of issues for me… please fix.

    • Note: This is specific to IE11, Windows 7 and was first noticed after the Cumulative Security Update for Internet Explorer (3169991) (Microsoft Security Bulletin MS16-084)

    • I have seen this as well.

    • Also experiencing this issue, this is affecting a lot of my customers and becoming an increasing issue.

      JohnP

    • We have the exact same issue which is affecting lot many users. Can this issue get looked at and fix on priority, please.

    • Microsoft Edge Team

      Changed Assigned To to “Brad E.”

    • This issue has been becoming a huge issue. Lot’s of people are been affected. Is there anything that I can do for you guys to fix it soon? Thanks

    • Microsoft Edge Team

      Changed Status to “Fixed”

    • Thank
      you for the feedback. This issue appears to have been fixed in Microsoft Edge.
      We’re not presently working on feature bugs in Internet Explorer outside of
      security-related issues. If you have a premier support contract you can visit
      https://premier.microsoft.com

      and open
      a support incident and work with an engineer to address this issue.

      Best
      Regards,

      The
      Microsoft Edge Team

    • Brad,

      The security fix is what caused the issue, ergo this is a security-related issue. Is the assumption that any regression (no matter the severity), caused by security related patches, will not be addressed? There are quite a few MS IE11 users affected by this problem, therefore, I am reopening this issue for further discussion.

      Cheers,
      Ben

    You need to sign in to your Microsoft account to add a comment.

    Sign in