Hi all,

I am using qt and qtwebkit in my application, it embeds webkit and loads some local html and javascript files, which do XMLHTTP requests over the network. With qtwebkit 4.5.x I had no problems doing so, no cross-site scripting blocking by webkit, everything just worked (i did security control by myself). With qt 4.6 however, I get an empty responseText of the XMLHttpRequest object. Just to be sure its not the javascript code that causes the problem, I ran a qt-4.5.x version of my app on the same html and it nicely got the xmlhttp reply. Again, ran the qt-4.6 version, and it got an empty response string. I have checked that the xssAuditor is not enabled in qtwebkit (not via qtwebkit API, but by accessing internal APIs of webkit). My question is, what is blocking my xmlhttp request and is there a way to disable this security feature, like it was in the qt-4.5.x version of WebKit? I have access to webkit
internals, so the absence of a qtwebkit API to control the xss blocking
would not be a problem, as long as there is a generic WebKit API to do so.

Thanks in advance

<<attachment: avasilev.vcf>>

webkit-dev mailing list

Reply via email to