Browser Frame Injection Vulnerability, review needed
Waldo Bastian
bastian at kde.org
Fri Jul 9 13:42:22 BST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri July 9 2004 13:11, Germain Garand wrote:
> Le Mercredi 07 Juillet 2004 20:24, Waldo Bastian a écrit :
> > Hi,
> >
> > There was a frame vulnerability reported last week, we have some patches
> > floating around at http://bugs.kde.org/show_bug.cgi?id=84352
> > Some feedback on those would be nice.
> >
> > In particular it seems that frames
> > inherit their "domain" from the toplevel loading frameset. I would expect
> > that it would inherit its domain from its loading frameset, but not from
> > the frameset's frameset, as seems to be the case. Is that a bug or is
> > there a reason why that is as it is?
>
> the comment about that in KHTMLPart::slotChildDocCreated()
> isn't really clear...
> A frameset is just a box in the current document. So there's not even such
> a thing as a "frameset's domain", is there?
With "frameset's domain" I mean "the domain of the document that contains the
frameset", as opposed to "the domain of the document in the frame"
> FWIW, removing the connection to this slot makes KHTML match other browsers
> behaviour with regard to the reported domain.
> David, can you comment on this?
>
> Greetings,
> Germain
Cheers,
Waldo
- --
bastian at kde.org | KDE Community World Summit 2004 | bastian at suse.com
bastian at kde.org | 21-29 August, Ludwigsburg, Germany | bastian at suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFA7pKuN4pvrENfboIRAivgAKCpMObH6xVUVyUnhvdcnJGM7M9XOgCZAZrM
bjmbxCxEqVyj2dEWw/otN7s=
=etZV
-----END PGP SIGNATURE-----
More information about the kfm-devel
mailing list