A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2271447]