[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Re: Possible security problem in KHTML or KMail?
From: Ingo =?iso-8859-1?q?Kl=F6cker?= <ingo.kloecker () epost ! de>
Date: 2001-10-11 21:56:02
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 11 October 2001 19:08, Vadim Plessky wrote:
[snip]
> NOTE that content of this IFRAME can have HTML file *with
> JavaScript*! And if it's coming from different domain (not domain
> main page located at), it can be enabled and exposure potential
> security threat.
>
> Please consider slightly modifies testcase:
> -----------------------------------
[snip]
> <SCRIPT language=Javascript>
[snip]
> It would be nice to hear comments both from KMail and KHTML
> developers.
I will (hopefully) never be possible to enable JavaScript execution in
KMail. Therefore the problem you described can't occur in KMail.
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7xhVyGnR+RTDgudgRAnasAKDT1HYAy8h1+oa+6QZ03RE7WQTtDQCfZNfr
Ki0Fm/UP7D6UCG16/vldI2M=
=b/76
-----END PGP SIGNATURE-----
_______________________________________________
kmail Developers mailing list
kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic