summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrea Diamantini <adjam7@gmail.com>2011-01-24 22:42:13 +0100
committerAndrea Diamantini <adjam7@gmail.com>2011-01-24 22:42:13 +0100
commit1d83ce109628cf28269a849abec9786b9e920c39 (patch)
tree0a7c166156357ebbba310810c8e5677df811b258
parentOrder items in the completion list considering also visit count (diff)
downloadrekonq-1d83ce109628cf28269a849abec9786b9e920c39.tar.xz
This evening I started working again on this bug. I did all the tests against XSS
and it seems ok. Hope it's true. CCBUG:217464 CCBUG:246355
-rw-r--r--src/webpage.cpp11
1 files changed, 7 insertions, 4 deletions
diff --git a/src/webpage.cpp b/src/webpage.cpp
index 47056216..c074f1ad 100644
--- a/src/webpage.cpp
+++ b/src/webpage.cpp
@@ -392,8 +392,11 @@ void WebPage::handleUnsupportedContent(QNetworkReply *reply)
// This is probably needed just in ONE stupid case..
if (_protHandler.postHandling(reply->request(), mainFrame()))
+ {
+ kDebug() << "POST HANDLING the unsupported...";
return;
-
+ }
+
if (reply->error() != QNetworkReply::NoError)
return;
@@ -655,9 +658,9 @@ QString WebPage::errorPage(QNetworkReply *reply)
QString title = i18n("There was a problem while loading the page");
// NOTE:
- // this, to be sure BUG 217464 (Universal XSS) has been fixed..
- QString urlString = Qt::escape(reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath));
-
+ // this, to take care about XSS (see BUG 217464)...
+ QString urlString = Qt::escape(reply->url().toString());
+
QString iconPath = QString("file://") + KIconLoader::global()->iconPath("dialog-warning" , KIconLoader::Small);
iconPath.replace(QL1S("16"), QL1S("128"));