From 1d83ce109628cf28269a849abec9786b9e920c39 Mon Sep 17 00:00:00 2001
From: Andrea Diamantini <adjam7@gmail.com>
Date: Mon, 24 Jan 2011 22:42:13 +0100
Subject: This evening I started working again on this bug. I did all the tests
 against XSS and it seems ok. Hope it's true.

CCBUG:217464
CCBUG:246355
---
 src/webpage.cpp | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'src/webpage.cpp')

diff --git a/src/webpage.cpp b/src/webpage.cpp
index 47056216..c074f1ad 100644
--- a/src/webpage.cpp
+++ b/src/webpage.cpp
@@ -392,8 +392,11 @@ void WebPage::handleUnsupportedContent(QNetworkReply *reply)
     
     // This is probably needed just in ONE stupid case..
     if (_protHandler.postHandling(reply->request(), mainFrame()))
+    {
+        kDebug() << "POST HANDLING the unsupported...";
         return;
-
+    }
+    
     if (reply->error() != QNetworkReply::NoError)
         return;
 
@@ -655,9 +658,9 @@ QString WebPage::errorPage(QNetworkReply *reply)
     QString title = i18n("There was a problem while loading the page");
     
     // NOTE: 
-    // this, to be sure BUG 217464 (Universal XSS) has been fixed..
-    QString urlString = Qt::escape(reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath));
-
+    // this, to take care about XSS (see BUG 217464)...
+    QString urlString = Qt::escape(reply->url().toString());
+    
     QString iconPath = QString("file://") + KIconLoader::global()->iconPath("dialog-warning" , KIconLoader::Small);
     iconPath.replace(QL1S("16"), QL1S("128"));
 
-- 
cgit v1.2.1