qutebrowser/tests/unit/browser
Florian Bruhin 43e58ac865 CVE-2018-10895: Fix CSRF issues with qute://settings/set URL
In ffc29ee043 (part of v1.0.0), a qute://settings/set URL was added to change
settings.

Contrary to what I apparently believed at the time, it *is* possible for
websites to access `qute://*` URLs (i.e., neither QtWebKit nor QtWebEngine
prohibit such requests, other than the usual cross-origin rules).

In other words, this means a website can e.g. have an `<img>` tag which loads a
`qute://settings/set` URL, which then sets `editor.command` to a bash script.
The result of that is arbitrary code execution.

Fixes #4060
See #2332
2018-07-11 17:05:23 +02:00
webengine Add missing str() 2018-06-28 13:26:45 +02:00
webkit CVE-2018-10895: Fix CSRF issues with qute://settings/set URL 2018-07-11 17:05:23 +02:00
test_adblock.py Modify assert_url to treat localhost differently 2018-03-28 14:27:17 +01:00
test_hints.py Update copyright years 2018-02-05 12:19:50 +01:00
test_history.py Update copyright years 2018-02-05 12:19:50 +01:00
test_pdfjs.py tests: relax pdfjs tests 2016-10-06 16:18:21 +02:00
test_qutescheme.py Update copyright years 2018-02-05 12:19:50 +01:00
test_shared.py Fix test_shared.py 2018-06-24 22:31:27 +02:00
test_signalfilter.py Refactor TabbedBrowser from inheritance to composition 2018-02-19 14:29:05 +01:00
urlmarks.py Remove unused import and TODO from urlmarks test. 2018-02-12 19:25:24 -05:00