From kfm-devel  Thu Oct 11 19:14:11 2001
From: Michael =?iso-8859-1?q?H=E4ckel?= <Michael () Haeckel ! Net>
Date: Thu, 11 Oct 2001 19:14:11 +0000
To: kfm-devel
Subject: Re: Possible security problem in KHTML or KMail?
X-MARC-Message: https://marc.info/?l=kfm-devel&m=100282748731162

On Thursday 11 October 2001 20:50, David Faure wrote:
>
> We already have this, see originCheck. in kjs_proxy or kjs_binding.
> I think you are all talking about a theorical security problem without
> even testing if it exists......

Well, when displaying the example given by Malte in Konqueror via http I =
get a=20
security warning I can't get rid of without killing Konqeror. Closing it=20
opens it again.
However in a HTML e-mail it is displayed.
Also if a HTML mail contains a iframe with an external page it is display=
ed,=20
even if external references are disabled.

Regards,
Michael H=E4ckel