On Fre, 06 Sep 2002, Piotr Paw?ow wrote:

> Test page for Konqueror is at:
> http://pp.siedziba.pl/2f/

This is actually not related to the % encoding problem in IE, but a general
regression that was introduced in KDE 3.0.3 release.

Below is the fix which has been tested and committed to CVS already.

Note that this is a fairly minor problem, as the evilhacker can always
create a subdomain like yahoo.evilhacker.net and proxy the yahoo pages
there, and all browsers will give access to the frames in this case.

Note that in any case the "wrong" url is still visible in the location bar
so it should be obvious that although it looks like yahoo, it isn't
yahoo at all.

-- 
Dirk

• text/plain attachment: crosside-3.0.diff

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9eTU6vsXr+iuy1UoRAsaSAKDRXNi6CQ8eQh0fff0l5tSzDmXxnACgivw7 5qkUTMEKpa6ty2TEPkf86/s= =0P6S -----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]