From kmail-devel  Fri Aug 10 09:44:13 2001
From: Dirk Mueller <mueller () kde ! org>
Date: Fri, 10 Aug 2001 09:44:13 +0000
To: kmail-devel
Subject: KHTML API cleanup
X-MARC-Message: https://marc.info/?l=kmail-devel&m=99743669502916

Hi, 

while fixing the KHTML-API usage of kmail I noticed a few things: 

- in kmreaderwin.cpp it disables all potentially insecure khtml-features
  _except_ setOnlyLocalReferences(true) ? Why?

- KMail seems to be the only application that uses 
  setMetaRefreshEnabled(false). can you please explain what security-issue
  this is supposed to fix or if it can be merged with 
  setOnlyLocalReferences(true) ?

- What do you think of an "enableSecureMode()" that does all that stuff
  in khtml (disabling JScript, Java and so on). looks a lot more
  forward compatible to me for future extensions. 


Please keep me on CC I'm not subscribed. Thanks,


Dirk
_______________________________________________
Kmail Developers mailing list
Kmail@master.kde.org
http://master.kde.org/mailman/listinfo/kmail