[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-bugs-dist
Subject: [Bug 305976] Plugins should be able to inject code in the <head> section of Template.html
From: Martin Klapetek <martin.klapetek () gmail ! com>
Date: 2012-08-29 10:40:26
Message-ID: bug-305976-17878-nZSKcQX0hP () http ! bugs ! kde ! org/
[Download RAW message or body]
https://bugs.kde.org/show_bug.cgi?id=305976
Martin Klapetek <martin.klapetek@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |martin.klapetek@gmail.com
--- Comment #1 from Martin Klapetek <martin.klapetek@gmail.com> ---
Be super careful with allowing third-parties to inject custom javascript. I'm
not sure about QtWebKit security, but cross-site scripting can be very
dangerous. This also allows sending data (like the conversation history) to any
server.
--
You are receiving this mail because:
You are watching all bug changes.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic