Porting KUrl::prettyUrl: please do not reintroduce CVE-2013-2074!

Kevin Kofler kevin.kofler at chello.at
Fri Oct 17 23:26:00 BST 2014

I wrote:
> just a small public service announcement: The correct replacement for:
> url.prettyUrl()
> in Qt 5 is NOT:
> url.toString() // BAD!
> but:
> url.toString(QUrl::RemovePassword)
or, even better:
as pointed out by Andrea Iacovitti. (I guess his message is pending 

        Kevin Kofler

More information about the kde-core-devel mailing list