Bug 117584

Summary:	problem with link security checking
Product:	[Applications] konqueror	Reporter:	Peter Eisentraut <peter_e>
Component:	khtml	Assignee:	Konqueror Developers <konq-bugs>
Status:	RESOLVED DUPLICATE
Severity:	normal
Priority:	NOR
Version:	unspecified
Target Milestone:	---
Platform:	Debian testing
OS:	Linux
Latest Commit:		Version Fixed In:

Description Peter Eisentraut 2005-12-03 13:09:56 UTC

Version:            (using KDE KDE 3.4.2)
Installed from:    Debian testing/unstable Packages
OS:                Linux

I'm analyzing this Debian bug: <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332778>.  KMLDonkey registers a ed2k protocol which calls an external helper program.  Clicking on such a link published on an internet site exposes the following strange behavior:

First, you are asked "This untrusted page links to xyz. Do you want to follow the link?"  If you then click on "Follow", you get a message saying "Access by untrusted page to xyz denied." (the very thing I just agreed to).

I traced this through the code in kdelibs/khtml/khtml_part.cpp.  The first call to checkLinkSecurity (which prints these messages) is in method KHTMLPart::urlSelected line 3756 in my copy.  If you click "Follow", the code continues, according to my guess, to call requestObject, where checkLinkSecurity is called again, without a dialog to choose, so the check fails.  Somehow, the second call ought to be avoided.

FWIW, I have a vague recollection that this worked in a recent KDE version (3.3?), with the same KMLDonkey version.

Comment 1 Thiago Macieira 2005-12-03 16:15:14 UTC


*** This bug has been marked as a duplicate of 74607 ***