Fwd: [Bug 22558] referrer leaks through to non-referring site
Waldo Bastian
bastian at kde.org
Thu Jul 10 21:11:01 BST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 10 July 2003 19:13, Dirk Mueller wrote:
> On Don, 10 Jul 2003, Waldo Bastian wrote:
> > In terms of using req->m_docLoader->doc()->URL(); ?
>
> Yes. or the sanitized version of it.
>
> > Or in terms of
> > if ( r.protocol().startsWith( "http" ) && r.path().isEmpty() )
> > r.setPath( "/" ); ?
> >
> > I don't think that one is needed any more since the kio_http slave
> > automatically redirects to / on path().isEmpty()
>
> That bug still exists in KURL. its not about kio_http redirection but about
> the referrer.
>
> Sending a referer like http://www.foobla.com is wrong, it has to have a
> trailing backslash.
Yes, but since kio_http now immediately redirects from http://www.foobla.com
to http://www.foobla.com/ it is unlikely that req->m_docLoader->doc()->URL();
will return http://www.foobla.com
Cheers,
Waldo
- --
bastian at kde.org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian at suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE/DchVN4pvrENfboIRAkdxAJ9HvwggfsxJVzlZAoxCsxhv+y6d5gCgm++t
l3BkmBN6rhNRwAGbRtthi0U=
=ARG2
-----END PGP SIGNATURE-----
More information about the kfm-devel
mailing list