Created attachment 60123 [details] Konqueror offering to install Adobe Flash Version: unspecified (using KDE 4.6.2) OS: Linux Konqueror offers installing Adobe Flash when it can't find a suitable plugin to play swf files. Reproducible: Sometimes Steps to Reproduce: * Navigate to a site that serves swf files (it only works if you don't have a Flash plugin installed and if you hadn't previously dismissed the pop up) Actual Results: * A Konqueror pop up suggests downloading Adobe Flash Expected Results: * I'd expect KDE not to suggest nonfree software KDE is free software. KDE4's motto when it came out was Be Free. Suggesting nonfree software undermines the effort of all the free software hackers working to make KDE better. I'm attaching a screenshot that I found online of the pop up in question. The pop up nowadays points to Adobe's site if I remember correctly. I have taken a screenshot myself on a different computer and I can upload it if necessary.
This is most probably the HTML page itself saying where to find the missing plugin, so KHTML is just reporting this information.
While there are some pages that do have pop ups saying that you need Adobe Flash, I made sure before reporting this bug that in this case this is a Konqueror pop up requesting to install the nonfree plugin.
The point is not "who popups", but "where is the information coming from". Can you please link an HTML page which shows that behaviour?
I don't have the computer I checked this on at hand, but I remember getting the pop up here, for instance: https://www.adobe.com/software/flash/about/ But any site that serves swf files has the same behaviour with the same exact message in the same pop up. The pop up appears only if you haven't dismissed it in the past. Being Adobe's site itself, even the message makes it evident that the pop up isn't from the page, otherwise it wouldn't say "Do you want to download one from adobe.com" as if Adobe were a third party. If Adobe were showing that pop up it would say something like "You don't have Flash installed it, click here to download it". Also, I checked the source of that site and of other sites with that same behaviour and there's no indication of a pop up like that.
The message box is ours, but the URL comes from the webpage: pluginspage="http://www.adobe.com/go/getflashplayer"
I see that's quite correct. http://www.ultrasounds.com points to macromedia.com instead of adobe.com and the pluginspage value is http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash I wasn't aware of the function of the pluginspage var, thanks a lot for commenting. So it's quite evident from this that the messages within the popups are the websites' fault and not Konqueror's fault, which is only relaying the message the website intended us to see. I'd personally like it if the messages didn't pop up at all but that would be modifying the intended way the website was to be perceived, so I don't know if that would be right.
I thought I had commented this, but considering that sites can set whatever pluginspage they want, a warning in this pop-up would be nice. Something like: This website recommends downloading a plugin from this address $pluginspage do so at your own risk. I mean, it could very well be used for phishing, since the pop-up appears to be coming from the browser itself.
Maybe something like this?: @@ -599,7 +599,7 @@ void HTMLObjectBaseElementImpl::slotPartLoadingErrorNotify() KUrl pluginPageURL(embed->pluginPage); QString shortURL = pluginPageURL.protocol() == "http" ? pluginPageURL.host() : pluginPageURL.prettyUrl(); int res = KMessageBox::questionYesNo( part->view(), - i18n("No plugin found for '%1'.\nDo you want to download one from %2?", mimeName, shortURL), + i18n("No plugin found for '%1'.\nThe website links to %2 to download a plugin, do you want to download this?\nWARNING: This plugin may contain malicious code.", mimeName, shortURL), i18n("Missing Plugin"), KGuiItem(i18n("Download")), KGuiItem(i18n("Do Not Download")), QString("plugin-")+serviceType); if (res == KMessageBox::Yes) {
Flash and Netscape plugins are no longer supported.