Version: (using KDE KDE 3.5.8) Installed from: Ubuntu Packages OS: Linux A comment in the function KUrl::prettyUrl // a "pretty" URL is NOT suitable for data transfer. It's only for showing data to the user. // however, it must be parseable back to its original state a few lines below this comment is the following code: if (!hasPass()) tmp = KStringHandler::csqueeze(tmp, 16); This will not make it back parseable and disables a lot of apps using this method, like krdc When you use Alt + F2 and insert: vnc://bladieblablabladieblabla@localhost krdc tries to open: vnc://bladie...blabla@localhost
Yeah I am very surprised by this security "fix" which corrupts urls... Dirk?
*** Bug 151070 has been marked as a duplicate of this bug. ***
Is it possible to disable this by some setting? It's really annoying and I don't want to install yet another program just for ftp.
*** This bug has been confirmed by popular vote. ***
Dirk: I think this patch needs to be reverted.
I think it might be a good idea to truncate the username or whole url like: old-url = "http://longusername@longerwebaddress.server.co.uk.euro.blaa/longer/path/to/current/file/?useragent=blaa truncated-url = "http://longusername@...server.co.uk.euro/....../file/?useragent=blaa But only in for example konquerors location bar, not the real url string.. And only if the user wants truncation of long urls. Either way this feature might open up phishing possibilities. Another note, I think that the severity of this bug should be highest, as it degrades usage of for example konqueror very much and this feature exists in the kde 3.5.8.
*** Bug 151375 has been marked as a duplicate of this bug. ***
*** Bug 151724 has been marked as a duplicate of this bug. ***
SVN commit 731945 by dfaure: You cannot messup prettyURL in ways that break its definition. Its definition is KURL(u.prettyURL()) == u. The security issue has to be fixed in a better way. BUG: 150973 CCMAIL: mueller@kde.org M +1 -8 kurl.cpp M +15 -1 tests/kurltest.cpp WebSVN link: http://websvn.kde.org/?view=rev&revision=731945
*** Bug 151833 has been marked as a duplicate of this bug. ***
*** Bug 153180 has been marked as a duplicate of this bug. ***
*** Bug 153190 has been marked as a duplicate of this bug. ***
*** Bug 153273 has been marked as a duplicate of this bug. ***
*** Bug 154781 has been marked as a duplicate of this bug. ***
*** Bug 155844 has been marked as a duplicate of this bug. ***
*** Bug 156083 has been marked as a duplicate of this bug. ***
*** Bug 158276 has been marked as a duplicate of this bug. ***
*** Bug 159905 has been marked as a duplicate of this bug. ***
I like to report that I encountered the same problem with long username when opening an FTP connection. STeps to reproduce: In the "Network" folder of Konqueror klick on the Icon "Add new network connection". Enter en FTP url. Enter a long username with a dash, for example "balblubb12-anywhere". Store the connection. Then a double klick on the new connection Icon fails.
"Me too" on an already fixed bug is really not useful. Just update to a newer KDE version.
*** Bug 161240 has been marked as a duplicate of this bug. ***
*** Bug 158285 has been marked as a duplicate of this bug. ***