From ecbe1d942e41a29a8d0bffdb328643e4c2a278b1 Mon Sep 17 00:00:00 2001
From: Andrea Diamantini <adjam7@gmail.com>
Date: Tue, 8 Dec 2009 12:25:54 +0100
Subject: xss attach prevention. I have to say, BRUTE prevention :) Hope this
 works.

Also some fixes in Urlbar class to ensure that a KUrl is a KUrl
and a QString is a QString.

Removed the annoying "restore url on focus out" feature. No other browsers
have it and I really cannot understand gain
---
 src/webpage.cpp | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'src/webpage.cpp')

diff --git a/src/webpage.cpp b/src/webpage.cpp
index 92318b36..a6c37906 100644
--- a/src/webpage.cpp
+++ b/src/webpage.cpp
@@ -187,7 +187,6 @@ void WebPage::manageNetworkErrors(QNetworkReply* reply)
     if( reply->error() == QNetworkReply::NoError )
         return;
 
-
     if( reply->url() != m_requestedUrl ) // prevent favicon loading
         return;
     
@@ -223,6 +222,7 @@ QString WebPage::errorPage(QNetworkReply *reply)
     // display "not found" page
     QString notfoundFilePath =  KStandardDirs::locate("data", "rekonq/htmls/notfound.html");
     QFile file(notfoundFilePath);
+
     bool isOpened = file.open(QIODevice::ReadOnly);
     if (!isOpened)
     {
@@ -231,18 +231,17 @@ QString WebPage::errorPage(QNetworkReply *reply)
     }
 
     QString title = i18n("Error loading: %1", reply->url().path()); 
-    
     QString imagesPath = QString("file://") + KGlobal::dirs()->findResourceDir("data", "rekonq/pics/bg.png") + QString("rekonq/pics");
-
     QString msg = "<h1>" + reply->errorString() + "</h1>";
+    QString urlString = reply->url().toString( QUrl::RemoveUserInfo | QUrl::RemoveQuery );
     
-    msg += "<h2>" + i18nc("%1=an URL, e.g.'kde.org'", "When connecting to: %1", reply->url().toString()) + "</h2>";
+    msg += "<h2>" + i18nc("%1=an URL, e.g.'kde.org'", "When connecting to: %1", urlString ) + "</h2>";
     msg += "<ul><li>" + i18n("Check the address for errors such as <b>ww</b>.kde.org instead of <b>www</b>.kde.org");
     msg += "</li><li>" + i18n("If the address is correct, try to check the network connection.") + "</li><li>" ;
     msg += i18n("If your computer or network is protected by a firewall or proxy, make sure that rekonq is permitted to access the network.");
     msg += "</li><li>" + i18n("Of course, if rekonq does not work properly, you can always say it is a programmer error ;)");
     msg += "</li></ul><br/><br/>";
-    msg += "<input type=\"button\" id=\"reloadButton\" onClick=\"document.location.href='" + reply->url().path() + "';\" value=\"";
+    msg += "<input type=\"button\" id=\"reloadButton\" onClick=\"document.location.href='" + urlString + "';\" value=\"";
     msg += i18n("Try Again") + "\" />";
     
     QString html = QString(QLatin1String(file.readAll()))
-- 
cgit v1.2.1