[WebKit-devel] Re: [Bug 217464] Universal XSS
David Faure
faure at kde.org
Sat Oct 16 00:48:13 CEST 2010
Seen in the context of the diff:
QString iconPath = QString("file://") + KIconLoader::global()-
>iconPath("dialog-warning" , KIconLoader::Small);
Don't concatenate a scheme and a path, it will break with special chars.
Use the KUrl API for this instead.
(e.g. KUrl::fromPath(...))
--
David Faure, faure at kde.org, http://www.davidfaure.fr
Sponsored by Nokia to work on KDE, incl. Konqueror (http://www.konqueror.org).
More information about the WebKit-devel
mailing list