PATCH: Better cross-domain cookie detection [BR 66090]
Dawit A.
adawit at kde.org
Sun Nov 30 16:51:13 GMT 2003
On Sunday 30 November 2003 09:59, Waldo Bastian wrote:
> > I also thought about redirection. One way to deal with that would be to
> > send the origination url along with the flag and only use the url on
> > redirections, no ?
>
> I would replace the flag with the URL of the main-document and then put
> isCrossDomainRequest() in http.cc
Okay, patch is attached. It seems to work fine now. I used
http://linuxtoday.com as a test site since it had some nasty IFRAME based
cross-domain cookie stuff. If you try it before applying this patch, you will
see what I mean. You will get prompted for cookies that do not originate from
linuxtoday.com.
I do not know if the KHTML guys will approve the addition of yet another
public function to KHTMLPart, but it is needed unless we want to duplicate
code. Also I called it sourceURL() because I could not come up with a better
name for it. baseURL was already taken. I CC 'ed Dirk for his input on this.
--
Regards,
Dawit A.
"Preach what you practice, practice what you preach"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cross-domain.diff
Type: text/x-diff
Size: 5488 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20031130/705b55af/attachment.diff>
More information about the kde-core-devel
mailing list