https://bugs.kde.org/show_bug.cgi?id=390452
Jan Kundrát <j...@kde.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |CONFIRMED
--- Comment #1 from Jan Kundrát <j...@kde.org> ---
Hi Jens, thanks a lot for this test. We understand that this is indeed a
problem -- thanks for letting us know.
We're relying on the Qt framework's packaging of WebKit for HTML rendering. Can
you please specify which Qt version and on which platform did you use in this
test? The upstream situation with QtWebKit is, well, complicated, so this is an
important piece of information for us. Please note that there are at least two
implementations of "QtWebKit", one based on the official repositories and the
other based on [1]. Some Linux distributions have switched to using this other
WebKit.
It's documented [2] that DNS prefetching should be disabled by default in the
official (and obsolete) Qt module. I also checked the code in latest upstream's
git, and in there that attribute also defaults to false. We have so far relied
on these effects (and some ad-hoc manual checks which were done at design &
implementation time) to ensure that we don't leak these data. Too bad that it
apparently fails now.
[1] https://github.com/annulen/webkit
[2] http://doc.qt.io/archives/qt-5.5/qwebsettings.html#WebAttribute-enum
--
You are receiving this mail because:
You are watching all bug changes.
