[prev in list] [next in list] [prev in thread] [next in thread]
List: konq-bugs
Subject: Bug#22433: bug #22433
From: Gerold Jury <gjury () grips ! com>
Date: 2001-09-27 20:50:34
[Download RAW message or body]
The method KIO::http_post in the file kdelibs/kio/job.cpp checks for so
called malicious ports before it starts it's work.
KIO::get does not do something like that.
This code is in kde 2.2.1 cvs 1.261.2.5 KDE_2_2_BRANCH .
The list of ports is very long and i cannot see a reason for this.
It prevents the use of konqueror when posting forms on one of this ports
for example with squid 1080.
Please, i need someone to explain this to me or to remove it
Best Regards
Gerold Jury
["bug%2322433.patch" (text/x-diff)]
--- job.cpp.original Thu Sep 27 22:28:18 2001
+++ job.cpp Thu Sep 27 22:28:57 2001
@@ -894,6 +894,7 @@
if ((url.protocol() != "http") && (url.protocol() != "https" ))
valid = false;
+#if defined (I_KNOW_THE_REASON_FOR_THIS)
// filter out some malicious ports
int bad_ports[] = {
1, // tcpmux
@@ -971,6 +972,7 @@
TransferJob * job = new ErrorJob(url.url(), packedArgs, postData, showProgressInfo);
return job;
}
+#endif
// Send http post command (1), decoded path and encoded query
KIO_ARGS << (int)1 << url;
_______________________________________________
Konq-bugs mailing list
Konq-bugs@mail.kde.org
http://mail.kde.org/mailman/listinfo/konq-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic