File 9ca2b26f-kssl-cn-input-validation.diff of Package kdelibs4

commit 9ca2b26fc67c3f921e1943c1725fca623e395854
Author: David Faure <faure@kde.org>
Date:   Thu Jun 30 23:43:45 2011 +0200

    Security fix: don't interpret html tags
    
    Credits to Tim Brown for the find.
    (cherry picked from commit bd70d4e589711fda9ab07738c46e37eee8376214)

diff --git a/kio/kssl/ksslcertificatebox.cpp b/kio/kssl/ksslcertificatebox.cpp
index 4ffc613..094787a 100644
--- a/kio/kssl/ksslcertificatebox.cpp
+++ b/kio/kssl/ksslcertificatebox.cpp
@@ -36,6 +36,10 @@ KSslCertificateBox::KSslCertificateBox(QWidget *parent)
    d(new KSslCertificateBoxPrivate())
 {
     d->ui.setupUi(this);
+    // No fooling us with html tags
+    Q_FOREACH(QLabel* label, qFindChildren<QLabel *>(this)) {
+        label->setTextFormat(Qt::PlainText);
+    }
 }
openSUSE Build Service is sponsored by