https://bugs.kde.org/show_bug.cgi?id=390452
Jan Kundrát <j...@kde.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |CONFIRMED --- Comment #1 from Jan Kundrát <j...@kde.org> --- Hi Jens, thanks a lot for this test. We understand that this is indeed a problem -- thanks for letting us know. We're relying on the Qt framework's packaging of WebKit for HTML rendering. Can you please specify which Qt version and on which platform did you use in this test? The upstream situation with QtWebKit is, well, complicated, so this is an important piece of information for us. Please note that there are at least two implementations of "QtWebKit", one based on the official repositories and the other based on [1]. Some Linux distributions have switched to using this other WebKit. It's documented [2] that DNS prefetching should be disabled by default in the official (and obsolete) Qt module. I also checked the code in latest upstream's git, and in there that attribute also defaults to false. We have so far relied on these effects (and some ad-hoc manual checks which were done at design & implementation time) to ensure that we don't leak these data. Too bad that it apparently fails now. [1] https://github.com/annulen/webkit [2] http://doc.qt.io/archives/qt-5.5/qwebsettings.html#WebAttribute-enum -- You are receiving this mail because: You are watching all bug changes.