Review Request: Catch a bogus username in a url intented to fool a user into visiting a site unintentionally
Commit Hook
null at kde.org
Thu May 26 06:00:34 BST 2011
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/101440/#review3535
-----------------------------------------------------------
This review has been submitted with commit 3bbd4496bc8a01e80df61763bfd0347e8ba7f09a by Dawit Alemayehu.
- Commit
On May 25, 2011, 11:34 p.m., Dawit Alemayehu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/101440/
> -----------------------------------------------------------
>
> (Updated May 25, 2011, 11:34 p.m.)
>
>
> Review request for kdelibs and David Faure.
>
>
> Summary
> -------
>
> The attached KIO HTTP patch adds the same kind of preventative measure as Mozilla to stop a user from being fooled into visiting a site through the "bogus username" trick. For example, http://www.microsoft.com%26item%3Dq209354rexsddiuyjkiuylkuryt2583453453fsesfsdfsfasfdfdsf@www.kde.org/.
>
>
> This addresses bug 94867.
> http://bugs.kde.org/show_bug.cgi?id=94867
>
>
> Diffs
> -----
>
> kioslave/http/http.cpp b937856
>
> Diff: http://git.reviewboard.kde.org/r/101440/diff
>
>
> Testing
> -------
>
> Tested using the links provided in bug report a sample of which is provided in the description area above.
>
>
> Thanks,
>
> Dawit
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20110526/05eabb79/attachment.htm>
More information about the kde-core-devel
mailing list