Bug 74607 - [testcase] Failed http: to local file: link within HTML frame.
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: khtml
Version: 4.0.3
Platform: Compiled Sources Linux
Importance: NOR minor
Target Milestone: ---
Assignee: Konqueror Developers
URL:
Keywords: triaged
Duplicates: 117584
Depends on:
Blocks:
 
Reported: 2004-02-08 20:03 UTC by Mary
Modified: 2018-10-27 03:58 UTC

See Also:
Latest Commit:
Version Fixed In:


Description Mary 2004-02-08 20:03:50 UTC
Version:            (using KDE KDE 3.2.0)
Installed from:    Compiled From Sources
Compiler:          gcc-2.95.3 
OS:          Linux

When a file: or other local resource is referenced from within an untrusted http: page, a warning is normally displayed, allowing the user to Follow or Cancel the link.

If the link to a local file is within a frame, the usual warning is shown, but selecting "Follow" generates a second error message refusing the link. This was seen in both KDE-3.1.1 & KDE 3.2.0.

 "This untrusted page contains a link
   file:/etc/hosts
  to your local file system."

Reproduce with:

Frameset accessed via HTTP
  <html>
  <frameset>
    <frame src="frame.html" name="frame">
  </frameset>
  </html>

Where frame.html contains a local reference
  <html>
      <a href="file:/etc/hosts">Local link to file:/etc/hosts</a>
  </html>

Discussion:

The checkLinkSecurity test in kdelibs/khtml/khtml_part.cpp is performed twice for the above case. First as a warning in KHTMLPart::urlSelected, and again as an error in KHTMLPart::requestObject(khtml::ChildFrame *child ....)
Removing the second check makes this case work as expected (i.e. just the one warning with an option to Follow the link), but what other loopholes does it open?
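
The double check described in the report above, as an added example that is not part of the original report and is not KHTML code. It is a simplified C++ model: `Stage`, `check`, `navigateReported` and `navigateConsistent` are hypothetical names, and the sample URL is constructed. It contrasts the reported flow with one way to make it consistent without removing the second check: evaluate both stages first and act on the strictest verdict.

```cpp
// Simplified model of the two-stage check; NOT KHTML code, all names hypothetical.
#include <algorithm>
#include <iostream>
#include <string>

enum class Verdict { Allow, AskUser, Deny };   // ordered from least to most strict
enum class Stage { LinkClick, FrameLoad };     // stand-ins for urlSelected / requestObject
struct Outcome { bool prompted; bool loaded; };

static bool startsWith(const std::string &s, const char *p) { return s.rfind(p, 0) == 0; }

// Same rule at both stages (remote page -> local file) but a different severity,
// which is the behaviour the report describes.
Verdict check(const std::string &page, const std::string &target, Stage stage) {
    bool remote = startsWith(page, "http:") || startsWith(page, "https:");
    if (!remote || !startsWith(target, "file:")) return Verdict::Allow;
    return stage == Stage::LinkClick ? Verdict::AskUser : Verdict::Deny;
}

// Reported flow: prompt at the click, then refuse at the frame load anyway.
Outcome navigateReported(const std::string &page, const std::string &target, bool userFollows) {
    Outcome o{false, false};
    if (check(page, target, Stage::LinkClick) == Verdict::AskUser) {
        o.prompted = true;
        if (!userFollows) return o;
    }
    o.loaded = check(page, target, Stage::FrameLoad) == Verdict::Allow;
    return o;
}

// Consistent flow: evaluate every stage first and act on the strictest verdict,
// so the user is never offered a choice that a later stage will override.
Outcome navigateConsistent(const std::string &page, const std::string &target, bool userFollows) {
    Verdict v = std::max(check(page, target, Stage::LinkClick),
                         check(page, target, Stage::FrameLoad));
    if (v == Verdict::Deny) return {false, false};
    if (v == Verdict::AskUser) return {true, userFollows};
    return {false, true};
}

int main() {
    const std::string page = "http://example.test/frame.html";  // constructed sample URL
    Outcome a = navigateReported(page, "file:/etc/hosts", true);
    Outcome b = navigateConsistent(page, "file:/etc/hosts", true);
    std::cout << "reported:   prompted=" << a.prompted << " loaded=" << a.loaded << "\n"
              << "consistent: prompted=" << b.prompted << " loaded=" << b.loaded << "\n";
}
```
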
Comment 1 Stephan Kulow 2004-02-08 20:33:38 UTC
Subject: Re:  New: Failed http: to local file: link within HTML frame.

On Sunday 08 February 2004 20:03, Mary wrote:
> The checkLinkSecurity test in kdelibs/khtml/khtml_part.cpp is performed
> twice for the above case. First as a warning in KHTMLPart::urlSelected, and
> again as an error in KHTMLPart::requestObject(khtml::ChildFrame *child
> ....)
Is this important at all? OK, you got two errors for this constructed case, but why care?

Greetings, Stephan

Comment 2 Mary 2004-02-09 22:18:42 UTC
The second message is an error and denies access unconditionally. This sort of link is normally not good practice, but it is occasionally useful.
Comment 3 Stephan Kulow 2004-02-12 11:25:58 UTC
Useful? In security exploits possibly.
Comment 4 Mary 2004-02-12 20:44:40 UTC
Sure. So allow it or deny it, but don't offer the option to Follow the link, and then immediately deny access for the same reason.

This bug is no big deal - just logged as a minor inconsistency producing slightly confusing behaviour. A user can circumvent the check completely with "Open in New Tab".
Comment 5 Thiago Macieira 2005-12-03 16:15:15 UTC
*** Bug 117584 has been marked as a duplicate of this bug. ***
Comment 6 Dan Meltzer 2006-08-30 21:08:38 UTC
I still see the same behavior in 3.5.4... it seems to me like if the user accepts the warning, the error should not appear.  Will attach a simple patch to do that, opinions?
Comment 7 J Appel 2006-09-11 23:32:47 UTC
A patch would be a nice idea. Multiple users experiencing the problem --> confirm
Comment 8 Nic Gould 2008-04-06 16:53:51 UTC
Confirmed: the problem still exists in 4.0.3, exactly as described above. Testcase added at http://nicgould.f2s.com/kde/test.html

Click on the link and you get this warning:

This untrusted page links to
file:///etc/hosts.
Do you want to follow the link?

After clicking on 'follow' you get this second error:

Access by untrusted page to
file:///etc/hosts
denied.

Comment 9 Janek Bevendorff 2012-06-19 18:14:49 UTC
Is this report still relevant for Konqueror 4.8.4 or later? If yes, please update the version field, otherwise close this bug.
Thank you.
Comment 10 Roland Pallai 2013-03-21 10:22:05 UTC
This is still a problem for Konqueror 4.9.

E.g. I tried to upload images for a note with drag'n'drop from digikam at https://drive.google.com/keep/ but can't.
Comment 11 Roland Pallai 2013-03-21 10:31:21 UTC
Sorry, now I think my problem with Google Keep is a different problem.
Comment 12 Andrew Crouthamel 2018-09-24 02:04:51 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days, the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information.

For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please set the bug status as REPORTED so that the KDE team knows that the bug is ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 13 Andrew Crouthamel 2018-10-27 03:58:16 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information.

For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!