summaryrefslogtreecommitdiff
blob: 441567df1b2f2df0ce1f14f29374b9ae9937cc40 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
------------------------------------------------------------------------
r626814 | mueller | 2007-01-24 18:16:52 +0100 (Wed, 24 Jan 2007) | 5 lines
Changed paths:
   M /branches/KDE/3.5/kdeaddons/konq-plugins/webarchiver/archivedialog.cpp
   M /branches/KDE/3.5/kdeaddons/konq-plugins/webarchiver/webarchivecreator.cpp

fix a minor but annoying privacy issue: the web archiver
would happily put local files or other launch other unsafe
protocols if referenced in the website, even though konqueror
itself wouldn't handle it

------------------------------------------------------------------------
Index: konq-plugins/webarchiver/archivedialog.cpp
===================================================================
--- konq-plugins/webarchiver/archivedialog.cpp	(revision 626813)
+++ konq-plugins/webarchiver/archivedialog.cpp	(revision 626814)
@@ -395,12 +395,15 @@ void ArchiveDialog::saveArchiveRecursive
 QString ArchiveDialog::handleLink(const KURL& _url, const QString& _link)
 {
    KURL url(getAbsoluteURL(_url, _link));
-   QString tarFileName;
 
-   if (m_state==Retrieving)
-      m_urlsToDownload.append(url);
-   else if (m_state==Saving)
-      tarFileName = m_downloadedURLDict[url.url()];
+   QString tarFileName;
+   if (kapp->authorizeURLAction("redirect", _url, url))
+   {
+       if (m_state==Retrieving)
+           m_urlsToDownload.append(url);
+       else if (m_state==Saving)
+           tarFileName = m_downloadedURLDict[url.url()];
+   }
 
    return tarFileName;
 }