Browser Frame Injection Vulnerability, review needed

Germain Garand germain at ebooksfrance.org
Fri Jul 9 12:11:45 BST 2004


On Wednesday 07 July 2004 20:24, Waldo Bastian wrote:
> Hi,
>
> There was a frame vulnerability reported last week, we have some patches
> floating around at http://bugs.kde.org/show_bug.cgi?id=84352
> Some feedback on those would be nice.

> In particular it seems that frames
> inherit their "domain" from the toplevel loading frameset. I would expect
> that it would inherit its domain from its loading frameset, but not from
> the frameset's frameset, as seems to be the case. Is that a bug or is there
> a reason why that is as it is?

The comment about that in KHTMLPart::slotChildDocCreated()
isn't really clear...
A frameset is just a box in the current document. So there's not even such a 
thing as a "frameset's domain", is there?
FWIW, removing the connection to this slot makes KHTML match other browsers'
behaviour with regard to the reported domain.
David, can you comment on this?

Greetings,
Germain







More information about the kfm-devel mailing list