[Webkit-unassigned] [Bug 39670] [Qt] WebView::setUrl crashes after Qt4.7
bugzilla-daemon at webkit.org
Thu Dec 23 17:40:15 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=39670
Adam Barth <abarth at webkit.org> changed:
What                   |Removed                |Added
----------------------------------------------------------------------------
Attachment #75858 Flag |review?, commit-queue? |review-, commit-queue-
--- Comment #19 from Adam Barth <abarth at webkit.org> 2010-12-23 17:40:15 PST ---
(From update of attachment 75858)
View in context: https://bugs.webkit.org/attachment.cgi?id=75858&action=review
> WebKit/qt/Api/qwebframe.cpp:709
> + if (d->frame->loader()->isLoading())
> + d->frame->loader()->stopAllLoaders();
> d->frame->loader()->writer()->begin(absolute);
> d->frame->loader()->writer()->end();
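Review bot: At qwebframe.cpp:709 the added isLoading() / stopAllLoaders() guard is followed by the unchanged writer()->begin(absolute) and writer()->end() calls, each of which re-derives d->frame->loader() with no check that the frame and loader are still in the state the guard left them. If stopping the loaders can run completion or failure handling, the later dereferences need either a re-check or a comment stating why they are safe. Stopping loads and then beginning and immediately ending a document under a new URL is also a multi-step sequence assembled at the API layer; a single FrameLoader-level entry point would keep that ordering in one place, and the change should carry a comment or regression test naming the setUrl-while-loading case it is meant to fix.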
These methods are all way too low-level to be called from WebKit. You should call some API on FrameLoader that does what you want. This code might well be a security vulnerability too. I'd have to look into the details. The issue is you're spamming "absolute" over the document, which will give whoever has a pointer to the document access to the cookies for "absolute".