diff options
author | Luke Shumaker <LukeShu@sbcglobal.net> | 2013-05-13 12:53:48 -0400 |
---|---|---|
committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2013-05-13 12:53:48 -0400 |
commit | f6fde4b83792b43883cdccac2a46145d48cef42d (patch) | |
tree | 9de2ea480baf7073f53b3bf5d88dc1e48cbf9fa0 /libre/kdelibs-libre/security-fix.patch | |
parent | 78bf47e43de121f3460b6c6f608bd5f5b8a85f28 (diff) | |
parent | 3bc640f96a0afc77163253ad0ed504057c8e7e00 (diff) | |
download | abslibre-f6fde4b83792b43883cdccac2a46145d48cef42d.tar.gz abslibre-f6fde4b83792b43883cdccac2a46145d48cef42d.tar.bz2 abslibre-f6fde4b83792b43883cdccac2a46145d48cef42d.zip |
Merge branch 'master' of ssh://parabolagnulinux.org:1863/srv/git/abslibre
Diffstat (limited to 'libre/kdelibs-libre/security-fix.patch')
-rw-r--r-- | libre/kdelibs-libre/security-fix.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/libre/kdelibs-libre/security-fix.patch b/libre/kdelibs-libre/security-fix.patch new file mode 100644 index 000000000..3d98a47ae --- /dev/null +++ b/libre/kdelibs-libre/security-fix.patch @@ -0,0 +1,32 @@ +commit 65d736dab592bced4410ccfa4699de89f78c96ca +Author: Grégory Oestreicher <greg@kamago.net> +Date: Wed May 8 23:16:00 2013 +0200 + + Don't show passwords contained in HTTP URLs in error messages + BUG: 319428 + +diff --git a/kioslave/http/http.cpp b/kioslave/http/http.cpp +index 2d139a9..129fc7b 100644 +--- a/kioslave/http/http.cpp ++++ b/kioslave/http/http.cpp +@@ -3056,7 +3056,7 @@ try_again: + ; // Ignore error + } else { + if (!sendErrorPageNotification()) { +- error(ERR_INTERNAL_SERVER, m_request.url.url()); ++ error(ERR_INTERNAL_SERVER, m_request.url.prettyUrl()); + return false; + } + } +@@ -3072,9 +3072,9 @@ try_again: + // Tell that we will only get an error page here. + if (!sendErrorPageNotification()) { + if (m_request.responseCode == 403) +- error(ERR_ACCESS_DENIED, m_request.url.url()); ++ error(ERR_ACCESS_DENIED, m_request.url.prettyUrl()); + else +- error(ERR_DOES_NOT_EXIST, m_request.url.url()); ++ error(ERR_DOES_NOT_EXIST, m_request.url.prettyUrl()); + return false; + } + } else if (m_request.responseCode >= 301 && m_request.responseCode<= 303) { |