diff options
author | Richard Moore <rich@kde.org> | 2012-11-30 11:21:15 +0000 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2012-12-01 08:26:19 +0100 |
commit | 71bc3a1b01217c692d2604bc9c8d9bea008035ec (patch) | |
tree | 5f8f1f4594c9d8c7c79909713ebb60a3c08f89d4 /src | |
parent | 960e961ca1470f0eb2dbacaa69be5f5e464131f4 (diff) |
Fix QML XmlHttpRequest Insecure Redirection Flaw
Fix the redirection flaw in QML's XmlHttpRequest implementation that
is described in
http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
Change-Id: I5190e63648f4664753003b70c20cb8dbd20ab150
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/declarative/qml/qdeclarativexmlhttprequest.cpp | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/declarative/qml/qdeclarativexmlhttprequest.cpp b/src/declarative/qml/qdeclarativexmlhttprequest.cpp index 37e73089..bb16a9c1 100644 --- a/src/declarative/qml/qdeclarativexmlhttprequest.cpp +++ b/src/declarative/qml/qdeclarativexmlhttprequest.cpp @@ -1269,9 +1269,11 @@ void QDeclarativeXMLHttpRequest::finished() QVariant redirect = m_network->attribute(QNetworkRequest::RedirectionTargetAttribute); if (redirect.isValid()) { QUrl url = m_network->url().resolved(redirect.toUrl()); - destroyNetwork(); - requestFromUrl(url); - return; + if (url.scheme() != QLatin1String("file")) { + destroyNetwork(); + requestFromUrl(url); + return; + } } } |