'[Bug 305976] Plugins should be able to inject code in the <head> section of Template.html'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-bugs-dist
Subject:    [Bug 305976] Plugins should be able to inject code in the <head> section of Template.html
From:       Martin Klapetek <martin.klapetek () gmail ! com>
Date:       2012-08-29 10:40:26
Message-ID: bug-305976-17878-nZSKcQX0hP () http ! bugs ! kde ! org/
[Download RAW message or body]

https://bugs.kde.org/show_bug.cgi?id=305976

Martin Klapetek <martin.klapetek@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |martin.klapetek@gmail.com

--- Comment #1 from Martin Klapetek <martin.klapetek@gmail.com> ---
Be super careful with allowing third-parties to inject custom javascript. I'm
not sure about QtWebKit security, but cross-site scripting can be very
dangerous. This also allows sending data (like the conversation history) to any
server.

-- 
You are receiving this mail because:
You are watching all bug changes.
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic