Index: http.cc =================================================================== RCS file: /home/kde/kdelibs/kio/http/Attic/http.cc,v retrieving revision 1.389.2.18 diff -u -r1.389.2.18 http.cc --- http.cc 19 Dec 2001 23:30:49 -0000 1.389.2.18 +++ http.cc 4 Jul 2003 14:50:16 -0000 @@ -864,12 +864,24 @@ bool sendReferrer = config()->readBoolEntry("SendReferrer", true); if ( sendReferrer ) { - QString referrer = config()->readEntry("referrer"); - if (!referrer.isEmpty()) + KURL referrerURL = config()->readEntry("referrer"); + if (referrerURL.isValid()) { - header += "Referer: "; - header += referrer; - header += "\r\n"; //Don't try to correct spelling! + // Sanitize + QString protocol = referrerURL.protocol(); + + if ((protocol == "http") || + ((protocol == "https") && (m_protocol == "https")) + ) + { + referrerURL.setRef(QString::null); + referrerURL.setUser(QString::null); + referrerURL.setPass(QString::null); + + header += "Referer: "; + header += referrerURL.url(); + header += "\r\n"; //Don't try to correct spelling! + } } }