Feedback wanted regarding prettyURL()
Dirk Mueller
mueller at kde.org
Thu Aug 16 16:31:48 BST 2007
Hi,
To avoid the latest announced url spoofing attacks in a general way, I
suggested to shorten the username, to avoid that the user misinterprets the
username actually as part of the hostname.
this however breaks the url pretty badly: the username is not really valid
anymore. on the other hand, its unlikely that there will be a very long
username given, especially if no password has been added.
Comments, opinions?
Thanks,
Dirk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shorten-username.diff
Type: text/x-diff
Size: 731 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20070816/a5db5c5f/attachment.diff>
More information about the kde-core-devel
mailing list