diff options
author | Richard Moore <rich@kde.org> | 2012-11-30 11:16:51 +0000 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2012-12-01 00:22:35 +0100 |
commit | da1f30e36a77dd96d54e8145e402a36c4596be92 (patch) | |
tree | 87be405e67f0e65de093573d982abab926038b87 | |
parent | 6b54575fb08b31e3f4776ab91d51d541619a1af7 (diff) |
Fix QML XmlHttpRequest Insecure Redirection Flaw
Fix the redirection flaw in QML's XmlHttpRequest implementation that
is described in
http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
Change-Id: Idfad4bc5dde6eda8840737c38e85568f3a4c0420
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
-rw-r--r-- | src/qml/qml/qqmlxmlhttprequest.cpp | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/qml/qml/qqmlxmlhttprequest.cpp b/src/qml/qml/qqmlxmlhttprequest.cpp index c289ec5acd..c2a0741529 100644 --- a/src/qml/qml/qqmlxmlhttprequest.cpp +++ b/src/qml/qml/qqmlxmlhttprequest.cpp @@ -1338,9 +1338,11 @@ void QQmlXMLHttpRequest::finished() QVariant redirect = m_network->attribute(QNetworkRequest::RedirectionTargetAttribute); if (redirect.isValid()) { QUrl url = m_network->url().resolved(redirect.toUrl()); - destroyNetwork(); - requestFromUrl(url); - return; + if (url.scheme() != QLatin1String("file")) { + destroyNetwork(); + requestFromUrl(url); + return; + } } } |