Afaik this bug is not really about kio and mroe about KWebView and KIO. I first experienced this bug after switching to Qt4.8 on Windows. There were some "remote" file links in the kontact about screen. <img src=file://c/program files/foo/bar/foo.png/> for example. Notice that in that case c is detected as a host. This caused an endless loop of kio jobs redirecting to smb and back to local and to smb again. I could not reproduce this bug by using the kio tests. They redirected once to smb, could not find the file and exited. So i've appended another / to the file:// call and now it does not happen anymore on windows, but with that additional / it now happens on Linux. This is the debug output that is looped: KWebPageTest_Gui(6386)/kio (KIOJob) KIO::StatJobPrivate::slotRedirection: KUrl("file://foo") -> KUrl("smb://foo") KWebPageTest_Gui(6386)/kio (Scheduler) KIO::SchedulerPrivate::jobFinished: KIO::StatJob(0x2446dc0) KIO::Slave(0x23930b0) KWebPageTest_Gui(6386)/kio (Scheduler) KIO::SchedulerPrivate::doJob: KIO::SimpleJob(0x2402000) kio_file(6213) FileProtocol::stat: redirecting to "smb://foo" I'm clueless how the interaction between KIO and KWebView works. Please see my attached test case that exposes the problem. Reproducible: Always Steps to Reproduce: See attached test case Actual Results: Endless kio activity Expected Results: Should exit when not finding the file
Created attachment 72039 [details] Test exposing the problem
Created attachment 72458 [details] Manipulated html mail triggering the problem While this bug does only occur on invalid file urls. Which probably don't occur in the code for Linux. Even on Linux systems this opens a vulnerability to manipulated mails as the one that i have attached. You need the setting "prefer html over plain text" then viewing the attached Message in KMail triggers the bug.
Just updated my builds to current master and noticed that i did not had the samba client libraries installed for kde-runtime. With them this problem does not occur. Still needs to be fixed but now I understand why this does not happen more often.
This is reproduceable on msvc.
Git commit d177fd620dd7a7eea9e85d7cbc64e7bb12913667 by Nico Kruber. Committed on 09/12/2013 at 03:33. Pushed by nkruber into branch 'kde-4.12'. kdepim: update patches and re-apply a fix reverted upstream please check whether the fix_introduction_screen.diff patch is really still needed or whether it has been fixed otherwise in the meantime A +25 -0 portage/kde/kdepim/0001-fixed-windows-x64-build.patch M +27 -27 portage/kde/kdepim/fix_introduction_screen.diff M +4 -9 portage/kde/kdepim/kdepim-20080202.py D +0 -36 portage/kde/kdepim/kdepim-4.10.0.diff D +0 -56 portage/kde/kdepim/kdepim-app-icons.diff http://commits.kde.org/emerge/d177fd620dd7a7eea9e85d7cbc64e7bb12913667
Created attachment 84216 [details] proposed patch Can you try the attached patch and see if it resolves the issue for you? I purposefully avoided adding KDE's local schemes to QWebSecurityOrigin, but in hind sight I should have and let applications remove the local protocols they want to allow.
See comment #6.
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days, the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please set the bug status as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone!
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging Thank you for helping us make KDE software even better for everyone!