qutebrowser/qutebrowser/html
Florian Bruhin 43e58ac865 CVE-2018-10895: Fix CSRF issues with qute://settings/set URL
In ffc29ee043 (part of v1.0.0), a
qute://settings/set URL was added to change settings.

Contrary to what I apparently believed at the time, it *is* possible for
websites to access `qute://*` URLs (i.e., neither QtWebKit nor QtWebEngine
prohibit such requests, other than the usual cross-origin rules).

In other words, this means a website can e.g. have an `<img>` tag which loads a
`qute://settings/set` URL, which then sets `editor.command` to a bash script.
The result of that is arbitrary code execution.

Fixes #4060
See #2332
2018-07-11 17:05:23 +02:00
back.html Fix #3542 going back twice on lazy loading a tab 2018-02-05 01:20:56 +01:00
base.html Don't override background-color for qutebrowser pages 2017-12-11 17:38:12 +01:00
bindings.html @The-Compiler requested changes addressed. 2018-01-17 10:11:32 -05:00
bookmarks.html Add some more dwb keybindings 2017-10-09 07:00:59 +02:00
dirbrowser.html Fix dirbrowser.html for stricter jinja env 2017-07-04 15:08:02 +02:00
error.html Add a workaround for chrome-error:// loops on Qt 5.11 2018-06-07 13:49:33 +02:00
history.html Clarify history_session_interval and rename it to _gap_interval 2017-07-04 15:08:04 +02:00
license.html Fix qute://gpl 2017-11-06 12:13:54 +01:00
log.html Make qute://log lines darker 2017-12-12 22:52:35 +01:00
no_pdfjs.html Rewrite various references to old settings 2017-07-04 15:08:02 +02:00
pre.html Use jinja for most qute:... pages. 2014-08-29 06:41:18 +02:00
settings.html CVE-2018-10895: Fix CSRF issues with qute://settings/set URL 2018-07-11 17:05:23 +02:00
styled.html Show hostname in non-javascript history page. 2017-04-24 15:30:01 +05:00
tabs.html Add 20px margin above the raw list 2018-02-12 22:49:02 +01:00
version.html Improve styling for qute://version and move button 2018-02-11 11:11:55 +01:00