[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: KMail security issues
From:       Dawit Alemayehu <adawit () kde ! org>
Date:       2000-08-17 15:38:27
[Download RAW message or body]

On Thu, 17 Aug 2000, Daniel Naber wrote:
> On Don, 17 Aug 2000, Dawit Alemayehu wrote:
> 
> > > Q: Can somebody set a cookie on my system by sending me an HTML mail?
> 
> > The answer to that is yes, but the default settings for the cookiejar is
> > to ask for confirmation before acceting any cookies unless you changed
> > this policy in the control panel.
> 
> I wonder how this can be possible, as Cookies are HTTP stuff but KMail 
> just uses khtml_part?

Well khtml_part has to somehow retreive links embeded in the page right ? :)
Simply add links in the HTML message that has to be retrieved when rendered by
the khtml_part (like ad images -which are notorious for doing this stuff).

Regards,
Dawit A.

[prev in list] [next in list] [prev in thread] [next in thread]