[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    KDE/kdelibs/khtml
From:       Maks Orlovich <maksim () kde ! org>
Date:       2010-06-20 21:47:37
Message-ID: 20100620214737.D3FBAAC8DA () svn ! kde ! org
[Download RAW message or body]

SVN commit 1140542 by orlovich:

We don't want javascript: URLs to go through checkLinkSecurity (they are always 
executed in a fresh context..). Fixes bogus security warning popups teve reported.



 M  +3 -1      khtml_part.cpp  


--- trunk/KDE/kdelibs/khtml/khtml_part.cpp #1140541:1140542
@@ -4196,7 +4196,9 @@
 bool KHTMLPart::requestObject( khtml::ChildFrame *child, const KUrl &url, const \
                KParts::OpenUrlArguments &_args,
                                const KParts::BrowserArguments& browserArgs )
 {
-  if (!checkLinkSecurity(url))
+  // we always permit javascript: URLs here since they're basically just
+  // empty pages (and checkLinkSecurity/KAuthorized doesn't know what to do with \
them) +  if (!d->isJavaScriptURL(url.url()) && !checkLinkSecurity(url))
   {
     kDebug(6031) << this << "checkLinkSecurity refused";
     return false;


[prev in list] [next in list] [prev in thread] [next in thread]