Commit 1d83ce10 authored by Andrea Diamantini's avatar Andrea Diamantini
Browse files

This evening I started working again on this bug. I did all the tests against XSS

and it seems ok. Hope it's true.

CCBUG:217464
CCBUG:246355
parent 8d383e07
......@@ -392,8 +392,11 @@ void WebPage::handleUnsupportedContent(QNetworkReply *reply)
// This is probably needed just in ONE stupid case..
if (_protHandler.postHandling(reply->request(), mainFrame()))
{
kDebug() << "POST HANDLING the unsupported...";
return;
}
if (reply->error() != QNetworkReply::NoError)
return;
......@@ -655,9 +658,9 @@ QString WebPage::errorPage(QNetworkReply *reply)
QString title = i18n("There was a problem while loading the page");
// NOTE:
// this, to be sure BUG 217464 (Universal XSS) has been fixed..
QString urlString = Qt::escape(reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath));
// this, to take care about XSS (see BUG 217464)...
QString urlString = Qt::escape(reply->url().toString());
QString iconPath = QString("file://") + KIconLoader::global()->iconPath("dialog-warning" , KIconLoader::Small);
iconPath.replace(QL1S("16"), QL1S("128"));
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment