[Webkit-unassigned] [Bug 32252] Universal XSS in Rekonq inherited from QtDemoBrowser?
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 15 07:29:19 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=32252
--- Comment #4 from Tor Arne Vestbø <vestbo at webkit.org> 2010-03-15 07:29:19 PST ---
I can reproduce this in the QtLauncher. Exactly which URL did you type into the
location field?
If we're somehow parsing http://foo.com/some-html-content into a valid URL and
then end up also injecting that as page content at some point I'd say we need
to look at the URL parsing and see if that makes sense first. If that URL is
valid then I'm guessing this would be a problem in other places too?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list