Bug 57366

Summary: Security bug: site password is shown in window title
Product: [Applications] konqueror Reporter: Andrey Cherepanov <sibskull>
Component: khtmlAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version: 4.0   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:

Description Andrey Cherepanov 2003-04-17 10:59:14 UTC 
Version:           4.0 (using KDE 3.1.0)
Installed from:    compiled sources
Compiler:          gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-98)
OS:          Linux (i686) release 2.4.7-10

When I type password in address, Konqueror show this password in window title, but hide it in addressbar. This is unsecure behaviour began from KDE 3.1!
Comment 1 Waldo Bastian 2003-05-20 14:23:58 UTC 
Subject: kdelibs/khtml

CVS commit by waba: 

CCMAIL: 57366-done@bugs.kde.org
Don't set password in title. (BR57366)


  M +1 -1      khtml_part.cpp   1.848


--- kdelibs/khtml/khtml_part.cpp  #1.847:1.848
@@ -1499,5 +1499,5 @@ void KHTMLPart::begin( const KURL &url, 
     title.setRef( QString::null );
     title.setQuery( QString::null );
-    emit setWindowCaption( title.url() );
+    emit setWindowCaption( title.prettyURL() );
   }
   else