[Patch] permit redirections to data urls
Leo Savernik
l.savernik at aon.at
Tue Sep 16 22:54:10 BST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
Data urls strike again. It's becoming a pita.
The problem is about images that are represented by data urls. If the html
file containing them is a local file, the embedded images load flawlessly.
However, if the html is served over http, the data urls are not even loaded.
Look at:
http://bugs.kde.org/attachment.cgi?id=2478&action=view
for the http test case, and the attachment for the local one.
After intensive investigations I found KApplication::authorizeURLAction to be
responsible. Therefore, I added a rule to
KApplication::initUrlActionRestrictions to explicitly permit redirections
from any url to data urls.
Data urls itself are still only allowed to redirect to their own kind (at
least if I'm understanding the url action restrictions right, otherwise funny
exploits could be created).
Please review this patch:
http://bugs.kde.org/attachment.cgi?id=2482&action=view
mfg
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE/Z4aCj5jssenUYTsRAqWLAJ9PdazerEmJ+YMvmwx6svSPJDDX3QCgsgun
kYT3ulktJruef5/LDIxRbQw=
=klSc
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20030916/c1425d77/attachment.html>
More information about the kfm-devel
mailing list