Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: P2: Important
Fix Version/s: None
Affects Version/s: 6.10
Component/s: Core: Resource System, Documentation, Network
Labels:
- framework-content

Epic Link:
Qt 6 Cyber Security Documentation

Description

There are security issues with handling URIs and URLs from remote sources (network) and local sources (images, media, and so on).

Go over what we currently cover and see how we can improve the security aspect of those Qt features. Specifically, URL and URI schemes and file loading and saving.

References:

1)There are several CWE entries for input handling, one of them is:

https://cwe.mitre.org/data/definitions/939.html

2)RFC 8252 has a security consideration section that mentions URI schemes:

https://datatracker.ietf.org/doc/html/rfc8252#section-8

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Jerome Pasion

Reporter:: Jerome Pasion

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 31 Mar '25 08:01

Updated:: 31 Mar '25 08:05

Gerrit Reviews

There are no open Gerrit changes