[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: PATCH against meta redirect
From: Daniel Naber <daniel.naber () t-online ! de>
Date: 2000-12-23 0:05:15
[Download RAW message or body]
Hi,
can someone please check if this patch is okay? We need it so that KMail
doesn't just blindly follow <meta> redirects (for security reasons). I
will commit this if nobody objects (*adding* public functions shouldn't be
a problem, right?).
Regards
Daniel
--
Daniel Naber, Paul-Gerhardt-Str. 2, 33332 Guetersloh, Germany
Tel. 05241-59371, Mobil 0170-4819674
["no-redirect.diff" (text/x-c++)]
Index: html_headimpl.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/html/html_headimpl.cpp,v
retrieving revision 1.42
diff -u -r1.42 html_headimpl.cpp
--- html_headimpl.cpp 2000/12/09 07:36:08 1.42
+++ html_headimpl.cpp 2000/12/22 23:59:59
@@ -234,7 +234,7 @@
{
m_style = document->styleSelector()->styleForElement(this);
// kdDebug( 6030 ) << "meta::attach() equiv=" << _equiv.string() << ", \
content=" << _content.string() << endl;
- if(strcasecmp(_equiv, "refresh") == 0 && !_content.isNull())
+ if(strcasecmp(_equiv, "refresh") == 0 && !_content.isNull() && \
v->part()->metaRefreshEnabled()) {
// get delay and url
QString str = _content.string();
Index: khtml_part.h
===================================================================
RCS file: /home/kde/kdelibs/khtml/khtml_part.h,v
retrieving revision 1.105
diff -u -r1.105 khtml_part.h
--- khtml_part.h 2000/12/09 18:15:02 1.105
+++ khtml_part.h 2000/12/23 00:00:38
@@ -209,6 +209,16 @@
bool jScriptEnabled() const;
/**
+ * Enable/disable the automatic forwarding by <meta http-equiv="refresh" ....>
+ */
+ void enableMetaRefresh( bool enable );
+
+ /**
+ * Returns @p true if automtaic forwarding is enabled.
+ */
+ bool metaRefreshEnabled() const;
+
+ /**
* Execute the specified snippet of JavaScript code.
*
* Returns @p true if JavaScript was enabled, no error occured
Index: khtml_part.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/khtml_part.cpp,v
retrieving revision 1.343
diff -u -r1.343 khtml_part.cpp
--- khtml_part.cpp 2000/12/17 03:33:13 1.343
+++ khtml_part.cpp 2000/12/23 00:02:06
@@ -163,7 +163,9 @@
m_bJavaOverride = false;
m_bPluginsForce = false;
m_bPluginsOverride = false;
-
+
+ m_metaRefreshEnabled = true;
+
m_bFirstData = true;
// inherit security settings from parent
@@ -217,6 +219,7 @@
bool m_bJavaForce :1;
bool m_bJavaOverride :1;
bool m_bPluginsForce :1;
+ bool m_metaRefreshEnabled :1;
bool m_bPluginsOverride :1;
int m_frameNameId;
KJavaAppletContext *m_javaContext;
@@ -700,6 +703,16 @@
if ( d->m_bJScriptOverride )
return d->m_bJScriptForce;
return d->m_bJScriptEnabled;
+}
+
+void KHTMLPart::enableMetaRefresh( bool enable )
+{
+ d->m_metaRefreshEnabled = enable;
+}
+
+bool KHTMLPart::metaRefreshEnabled() const
+{
+ return d->m_metaRefreshEnabled;
}
KJSProxy *KHTMLPart::jScript()
Index: kmreaderwin.cpp
===================================================================
RCS file: /home/kde/kdenetwork/kmail/kmreaderwin.cpp,v
retrieving revision 1.229
diff -u -r1.229 kmreaderwin.cpp
--- kmreaderwin.cpp 2000/12/17 19:37:41 1.229
+++ kmreaderwin.cpp 2000/12/23 00:04:35
@@ -336,6 +336,7 @@
mViewer = new KHTMLPart(this, "khtml");
// Let's better be paranoid and disable plugins (it defaults to enabled):
mViewer->enablePlugins(false);
+ mViewer->enableMetaRefresh(false);
mViewer->widget()->resize(width()-16, height()-110);
mViewer->setURLCursor(KCursor::handCursor());
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic