summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMontel Laurent <montel@kde.org>2012-07-02 05:00:53 (GMT)
committerMontel Laurent <montel@kde.org>2012-07-02 06:32:44 (GMT)
commitdbb2f72f4745e00f53031965a9c10b2d6862bd54 (patch)
treeb9d6872969a1a318b9a2db6ec62b6f2a93033ec7
parent86e5c519f58221859746ef9865496b3b533afa82 (diff)
Security fix found by David yesterday during debug
(cherry picked from commit b6a46407d83ad9368a9825c687fa44e660f7104a)
-rw-r--r--messageviewer/htmlquotecolorer.cpp4
1 files changed, 4 insertions, 0 deletions
diff --git a/messageviewer/htmlquotecolorer.cpp b/messageviewer/htmlquotecolorer.cpp
index b54e989..67c3062 100644
--- a/messageviewer/htmlquotecolorer.cpp
+++ b/messageviewer/htmlquotecolorer.cpp
@@ -40,6 +40,10 @@ QString HTMLQuoteColorer::process( const QString &htmlSource )
#ifndef KDEPIM_NO_WEBKIT
// Create a DOM Document from the HTML source
QWebPage page(0);
+ page.settings()->setAttribute( QWebSettings::JavascriptEnabled, false );
+ page.settings()->setAttribute( QWebSettings::JavaEnabled, false );
+ page.settings()->setAttribute( QWebSettings::PluginsEnabled, false );
+
QWebFrame *frame = page.mainFrame();
frame->setHtml( htmlSource );