diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-01-16 14:39:09 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-01-18 00:00:14 +0000 |
commit | 42c6033724e2b5a54702d626c57806e53f163c62 (patch) | |
tree | 625db155a6e1baaaeac69f0d09c1dd97cc595bfa /src/webengine/doc/src | |
parent | 8234695a88ea853a19ccbe25157f23a632433b9a (diff) |
QWebEngineDownloadItem::path() should not be percentage encoded
If the name of the download item is derived from the URL, we currently
end up reporting a partially percentage encoded name. This is
problematic if our users try to undo the the percentage encoding and
opens them out to download-folder escaping files that can install hooks
in the user's home directory.
[ChangeLog][DownloadItem] (QWebEngine)DownloadItem::path() was previously
incorrectly returning percentage encoded file-names when the suggested
path was based on URL. This has been corrected. Note percentage decoding
the path generally before is not just incorrect when the path is not based
on URL, but also dangerous as it can lead to downloads that escape the
download folder.
Task-number: QTBUG-58155
Change-Id: Ie23a4ff5d4e4c353df72e617bb2b00e1935cd6c1
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Diffstat (limited to 'src/webengine/doc/src')
0 files changed, 0 insertions, 0 deletions