57366 – Security bug: site password is shown in window title

Bug 57366 - Security bug: site password is shown in window title

Summary: Security bug: site password is shown in window title

Status:	RESOLVED FIXED

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	khtml (show other bugs)
Version:	4.0
Platform:	Compiled Sources Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Konqueror Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-04-17 10:59 UTC by Andrey Cherepanov
Modified:	2003-05-20 14:23 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Andrey Cherepanov 2003-04-17 10:59:14 UTC

Version:           4.0 (using KDE 3.1.0)
Installed from:    compiled sources
Compiler:          gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-98)
OS:          Linux (i686) release 2.4.7-10

When I type password in address, Konqueror show this password in window title, but hide it in addressbar. This is unsecure behaviour began from KDE 3.1!

Comment 1 Waldo Bastian 2003-05-20 14:23:58 UTC

Subject: kdelibs/khtml

CVS commit by waba: 

CCMAIL: 57366-done@bugs.kde.org
Don't set password in title. (BR57366)


  M +1 -1      khtml_part.cpp   1.848


--- kdelibs/khtml/khtml_part.cpp  #1.847:1.848
@@ -1499,5 +1499,5 @@ void KHTMLPart::begin( const KURL &url, 
     title.setRef( QString::null );
     title.setQuery( QString::null );
-    emit setWindowCaption( title.url() );
+    emit setWindowCaption( title.prettyURL() );
   }
   else