rnhmjoj/qutebrowser
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
43e58ac865
qutebrowser/tests/unit
History
Florian Bruhin 43e58ac865 CVE-2018-10895: Fix CSRF issues with qute://settings/set URL 
In ffc29ee043 (part of v1.0.0), a
qute://settings/set URL was added to change settings.

Contrary to what I apparently believed at the time, it *is* possible for
websites to access `qute://*` URLs (i.e., neither QtWebKit nor QtWebEngine
prohibit such requests, other than the usual cross-origin rules).

In other words, this means a website can e.g. have an `<img>` tag which loads a
`qute://settings/set` URL, which then sets `editor.command` to a bash script.
The result of that is arbitrary code execution.

Fixes #4060
See #2332
2018-07-11 17:05:23 +02:00
..
browser CVE-2018-10895: Fix CSRF issues with qute://settings/set URL 2018-07-11 17:05:23 +02:00
commands Wait until runner is finished in test_custom_env 2018-03-19 11:43:08 +01:00
completion Remove the deprecated :tab-detach 2018-06-09 21:25:09 +02:00
config Fix test_set_wrong_backend 2018-07-02 22:32:59 +02:00
javascript Fix lint 2018-06-09 23:00:57 +02:00
keyinput Support new dead keys added in Qt 5.11 properly 2018-07-02 22:32:59 +02:00
mainwindow Add basic tests for tab width sizing 2018-03-22 14:27:33 -04:00
misc Update PyPI api URL. 2018-05-02 23:08:51 +12:00
scripts Update copyright years 2018-02-05 12:19:50 +01:00
utils Strip trailing newlines from pastebin URL 2018-07-08 22:09:56 +02:00
test_app.py Update copyright years 2018-02-05 12:19:50 +01:00