Revision 4077bd2...

Go back to digest for 17th July 2011

Bug Fixes in KDE Base

Rolf Eike Beer committed changes in [kdelibs/KDE/4.7] /:

fix filename security check being omitted on parse error in HTTP header

A header like this:

Content-Disposition: attachment; filename="/home/eike/.gnupg/gpg.conf";
foo="bar; foo="baz"

would not have the path from the filename stripped because of the later parse
error.

This adds a unit test for this and some other cornercases.

FIXED-IN:4.7.1

backport of 54e8eded22c4af61f609b6184cc0293df407a2f9

Bug 278643: Path not stripped from HTTP Content-Disposition header on later error

-12 days

File Changes

Modified 2 files

kioslave/http/parsinghelpers.cpp
kioslave/tests/httpheaderdispositiontest.cpp

2 files changed in total