blob: f84c0a1c13abe5a59be03a7fee6c265ac9916e74 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
diff --git a/src/webpage.cpp b/src/webpage.cpp
index 9be0d3c..386f209 100644
--- a/src/webpage.cpp
+++ b/src/webpage.cpp
@@ -68,6 +68,9 @@
// Qt Includes
#include <QtCore/QFileInfo>
+
+#include <QtGui/QTextDocument>
+
#include <QtDBus/QDBusConnection>
#include <QtDBus/QDBusConnectionInterface>
#include <QtDBus/QDBusInterface>
@@ -589,7 +592,10 @@ QString WebPage::errorPage(QNetworkReply *reply)
}
QString title = i18n("There was a problem while loading the page");
- QString urlString = reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath);
+
+ // NOTE:
+ // this, to be sure BUG 217464 (Universal XSS) has been fixed..
+ QString urlString = Qt::escape(reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath));
QString iconPath = QString("file://") + KIconLoader::global()->iconPath("dialog-warning" , KIconLoader::Small);
iconPath.replace(QL1S("16"), QL1S("128"));
|
GitWeb
