Web lists-archives.com

Re: [kde] konqueror links in iframe want to open in other window




Jerome Yuzyk posted on Mon, 02 Mar 2015 16:49:47 -0700 as excerpted:

> I am having a problem with embedding local Webalizer pages in an iframe
> and viewing that in Konqueror (KDE 4.11.5). Links inside the iframe want
> to open in a new window and even the right-click "Open in this Window"
> option is missing for links in the iframe. I'm using a
> file:///...index.html and testing on my desktop before deploying to be
> served by Apache. I have other examples that I hadn't tested in
> Konqueror before but did now and they act the same.
> 
> There's nothing in the Webalizer output nor mine to make this "open in
> new window" behaviour, and I can't find anything in my Konqueror config
> that could be doing this.
> 
> Ah... this only happens for file:/// URLs - why would that be?

I'm just a user so don't take this as developer-gospel, but...

I'm guessing that's for security reasons.  If local content were to open 
in the same window as an existing web page, it would be very easy for 
someone with bad intent to create confusion between the two, leading to 
security issues.

Meanwhile, while the ultimate decision is yours, for many years konqueror 
was my primary web browser, but in the early kde4 timeframe (thru 4.6 at 
least), it became very apparent to me that even most kde devs considered 
konqueror more a toy than a working browser, with few of them choosing it 
as their default browser, and behavior toward critical security issues 
inappropriate for a browser suitable for use with, for example, online 
banking.  While the kde 4.3 release was considered ready for ordinary 
users, for instance, there was no useful security cert configuration GUI 
unti 4.7 -- this thru a time period when not only certificates, but 
several entire certificate authorities, were compromised and warnings 
were going out to disable their certificates in your browser -- but 
konqueror couldn't do so as there simply wasn't a GUI for it.  Similarly, 
there was a form double-submission bug in the early stable 4.6 series, 
that could conceivably have caused users using kde for online shopping 
and banking to double-submit purchases, and the like.  Not only was this 
bug allowed into a stable series (bugs happen), but despite it being 
pinned to a specific commit relatively quickly, no urgent bugfix update 
was released.  In fact, the first monthly update after that didn't get 
the fix either, so it was a full two months after a critical bug release 
in a so-called stable series, before that bug was fixed.  Since they were 
publicly claiming it was appropriate for ordinary use, there were two 
possible explanations.  Either they didn't consider konqueror anything 
more than a toy, certainly nothing appropriate for use as a default 
browser you might use for web shopping and internet banking, or they were 
entirely irresponsible at best.

I decided that either way, such behavior was not appropriate for a 
default browser on *MY* system, and switched to firefox, which **DOES** 
get treated like a real browser, not a toy, and DOES get appropriate 
security updates.  Soon thereafter I quit installing konqueror entirely.

Tho I can see at least having it installed for web page testing as 
effectively just another browser to test with, not to otherwise use, if 
you're a web dev.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

___________________________________________________
This message is from the kde mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.