PATCH: 2 small KHTML patches...
Dirk Mueller
mueller at kde.org
Wed Jan 7 00:56:21 GMT 2004
On Saturday 03 January 2004 18:00, Waldo Bastian wrote:
> > 1.) If a meta-redirection is scheduled in a framed page the wrong
> > referrer header is sent. This happens because the referrer string is
> > incorrectly set to "" in ::slotRedirect.
> Yes, that line looked strange indeed.
This line is there to make sure that we don't send a referrer when either the
client or the server is doing a redirection, or when some javascript opens a
new page.
If khtml is now sending a referrer header in any of those cases, you just
introduced a security problem. Congratulations.
(BTW: cvs ann would have told you).
Dirk
More information about the kde-core-devel
mailing list