Dear Matthias, Czesław, All,

On Sat, Jun 05, 2021 at 12:39:16PM +0200, Matthias Seidel wrote:
> Hi Czesław,
>
> On 05.06.21 at 12:35, Czesław Wolański wrote:
> > Hi Matthias, all
> >
> > A preliminary check in Calc (Windows 7, 64-bit)
> >
> > (1) in-document links beginning with #
> > test: button with link to other sheet
> > result: OK (no security warning)
> >
> > (2) .uno:XXX links
> > result: security warning
> >
> > (3) Links to local files
> > test: the "Hyperlink" dialog, button "WWW Browser"
> > result: OK (no security warning)
>
> That's what I expected, since the patches are for file://
>
> .uno: hasn't been addressed yet
>
> @Arrigo: correct me if I am wrong ;-)

You should have just become wrong ;-)

I found out that there are many checks on the URL protocol. I suggest that the warning was not checked at the right moment, but too soon.

Because we had a report of unexpected _execution_ of malicious links, I suggest we leave the safety check on hyperlinks _just before calling the OS to execute them_.

The result is that HTTP, HTTPS, but also "uno:" and all other protocols already understood by AOO are not checked, and no warnings will appear. We could argue that their safety must be assured by the code handling them, as we accepted to delegate the browser for Internet links.

The latest commit, just pushed to branch bug128453, moves the check for "safe extensions" (or directory) from the beginning of hyperlinks' processing, to just before the execution of the link target by the OS. The protocol is not checked any more, because supported protocols are already filtered out and processed at that point.

This should make all links to non-files work again, and still warn users when they are going to open JAR's, EXE's and other unknown types.

What do you think about this?

--
Arrigo
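The check placement described in the message above, as an added illustration that is not code from AOO or from branch bug128453. The names `Outcome`, `openHyperlink` and `isSafeTarget`, the extension list, and the trailing-slash directory test are all assumptions made for the sketch.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <set>
#include <string>

// Hypothetical model of the dispatch order; not AOO source code.
enum class Outcome { HandledInternally, SentToBrowser, OpenedByOS, WarnedBeforeOS };

static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

static bool startsWith(const std::string& s, const std::string& p) {
    return s.compare(0, p.size(), p) == 0;
}

// Constructed allow-list: the message does not enumerate the real "safe extensions".
static bool isSafeTarget(const std::string& target) {
    static const std::set<std::string> safe = {"odt", "ods", "odp", "txt", "pdf"};
    if (!target.empty() && target.back() == '/') return true;  // directory (simplified test)
    const auto slash = target.find_last_of('/');
    const auto dot = target.find_last_of('.');
    if (dot == std::string::npos || (slash != std::string::npos && dot < slash))
        return false;  // no extension on the last path segment: unknown type
    return safe.count(lower(target.substr(dot + 1))) > 0;
}

Outcome openHyperlink(const std::string& url) {
    const std::string u = lower(url);
    // Protocols the application handles itself are consumed here, before any warning.
    if (startsWith(u, "#") || startsWith(u, ".uno:")) return Outcome::HandledInternally;
    if (startsWith(u, "http://") || startsWith(u, "https://")) return Outcome::SentToBrowser;
    // Last hop: whatever is left is about to be executed by the OS, so check it now.
    return isSafeTarget(url) ? Outcome::OpenedByOS : Outcome::WarnedBeforeOS;
}

int main() {
    for (const char* link : {"#Sheet2.A1", ".uno:Save", "file:///tmp/tool.jar"})
        std::cout << link << " -> " << static_cast<int>(openHyperlink(link)) << "\n";
    return 0;
}
```

Because the check sits on the last hop, a target with no recognised extension is treated as an unknown type and warned about, whatever scheme it arrived with.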