[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Patch: konqueror form attacks
From:       Matthias Hoelzer-Kluepfel <mhk () caldera ! de>
Date:       2001-09-03 18:50:24
[Download RAW message or body]

On Mon, 3 Sep 2001, Thomas Zander wrote:

> > Please review the patch.
>
> I do have cups, and it runs a webserver on port 631, this works fine. Does
> this mean I can't control my jobs anymore from konq?
>
> i.e.: http://www.cups.thomas.net:631/jobs?which_jobs=completed
>
> (while this is a get request, you get the picture)

Yes, this was an oversight, as CUPS works via http and uses the same port
for configuration access. I guess that this case is quite hard to decide.
If you allow it, it might be possible to abuse your printers. But
accessing CUPS with a http post action should be rare, so having a dialog
box in that case might be acceptable.


Bye,
Matthias.

[prev in list] [next in list] [prev in thread] [next in thread]