Bug 107967

Summary: trouble with Yahoo's "Most Popular"
Product: [Applications] konqueror Reporter: mi+kde
Component: khtml parsingAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: FreeBSD   
Latest Commit: Version Fixed In:

Description mi+kde 2005-06-23 03:51:42 UTC 
Version:           3.4.0 (using KDE 3.4.0, compiled sources)
Compiler:          gcc version 3.4.2 [FreeBSD] 20040728
OS:                FreeBSD (amd64) release 5.4-STABLE

To, what I'm talking about, go to

	http://my.yahoo.com/

and click on any news story.

On the story's page, there will be a top bar with several "tab-like" links, one of which will read "Most Popular".

Click on that link. The page you get will try to reload itself every few minutes using some funky JavaScript.

On the first such reload attempt, you will get a "Page Not Found" error from Yahoo! The link in the URL area will be totally bogus -- something like:

	http://news.yahoo.com/i/name=

This does not happen with neither Mozilla nor IE, which Yahoo, no doubt, tested against...
Comment 1 Thiago Macieira 2005-06-25 17:39:37 UTC 
I can confirm that.
Comment 2 Maksim Orlovich 2005-08-12 00:51:05 UTC 
Not JavaScript:
<META HTTP-EQUIV="refresh" CONTENT="300>
<meta name="description" content="Use Yahoo! News to find the news stories and photos being emailed, viewed and highest rated by readers.">

Note that missing quote. whee. Ffox parses this same as us, but maybe they have some quirk in the actual content parsing. Will find out in 5 minutes
Comment 3 mi+kde 2005-08-12 01:43:56 UTC 
This may also mean, there is a security hole in Konqueror somewhere. If a missing quote leads it to such such strange behaviour (where is the http://news.yahoo.com/i/name= coming from??), what will it do given a specially crafted input?
Comment 4 Allan Sandfeld 2006-06-16 14:13:45 UTC 
I cannot reproduce the bug anymore
Comment 5 mi+kde 2006-06-16 16:48:30 UTC 
Yes, because Yahoo! fixed their page faster, than KDE fixed their browser...
Comment 6 Allan Sandfeld 2006-06-16 18:44:37 UTC 

*** This bug has been marked as a duplicate of 104656 ***