loleaflet/main.js | 2 +-
loleaflet/src/core/Socket.js | 2 +-
loolwsd/DocumentBroker.cpp | 15 +++++++++++++++
loolwsd/LOOLWSD.cpp | 4 +---
4 files changed, 18 insertions(+), 5 deletions(-)
New commits:
commit 1618f6be4d14412627eb8195dcd8f3cdfe766958
Author: Pranav Kant <pran...@collabora.co.uk>
Date: Thu Nov 17 12:36:48 2016 +0530
loolwsd: Decode the encoded access_token before CheckFileInfo
Change-Id: Ia4511803ca5570ad5675e00c99108fd32360734d
diff --git a/loolwsd/DocumentBroker.cpp b/loolwsd/DocumentBroker.cpp
index a71d405..6cc4847 100644
--- a/loolwsd/DocumentBroker.cpp
+++ b/loolwsd/DocumentBroker.cpp
@@ -111,6 +111,21 @@ Poco::URI DocumentBroker::sanitizeURI(const std::string&
uri)
throw std::runtime_error("Invalid URI.");
}
+ // We decoded access token before embedding it in loleaflet.html
+ // So, we need to decode it now to get its actual value
+ Poco::URI::QueryParameters queryParams = uriPublic.getQueryParameters();
+ for (auto& param: queryParams)
+ {
+ // look for encoded query params (access token as of now)
+ if (param.first == "access_token")
+ {
+ std::string decodedToken;
+ Poco::URI::decode(param.second, decodedToken);
+ param.second = decodedToken;
+ }
+ }
+ uriPublic.setQueryParameters(queryParams);
+
return uriPublic;
}
commit 8a1ac91fa66efe4ec647e4202bea1cb2ac9f0b57
Author: Pranav Kant <pran...@collabora.co.uk>
Date: Thu Nov 17 12:31:25 2016 +0530
loolwsd: Prevent double decoding
Change-Id: I5927e0113505ffcc167e16700db7c2f6408ed3b7
diff --git a/loleaflet/main.js b/loleaflet/main.js
index 73fbd5c..93e8511 100644
--- a/loleaflet/main.js
+++ b/loleaflet/main.js
@@ -81,7 +81,7 @@ global.errorMessages = errorMessages;
var docURL, docParams;
var isWopi = false;
if (wopiSrc != '') {
- docURL = wopiSrc;
+ docURL = decodeURIComponent(wopiSrc);
docParams = wopiParams;
isWopi = true;
} else {
diff --git a/loleaflet/src/core/Socket.js b/loleaflet/src/core/Socket.js
index e8b342b..e9efbee 100644
--- a/loleaflet/src/core/Socket.js
+++ b/loleaflet/src/core/Socket.js
@@ -81,7 +81,7 @@ L.Socket = L.Class.extend({
// TODO: Move the version number somewhere sensible.
this._doSend('loolclient ' + this.ProtocolVersionNumber);
- var msg = 'load url=' + this._map.options.doc;
+ var msg = 'load url=' +
encodeURIComponent(this._map.options.doc);
if (this._map._docLayer) {
// we are reconnecting after a lost connection
msg += ' part=' + this._map.getCurrentPartNumber();
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index bbbf24c..8a3fd40 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -1126,9 +1126,7 @@ public:
// sending incomplete frames.
ws->setBlocking(true);
ws->setSendTimeout(WS_SEND_TIMEOUT_MS * 1000);
- std::string decodedUri;
- URI::decode(reqPathTokens[1], decodedUri);
- handleGetRequest(decodedUri, ws, id);
+ handleGetRequest(reqPathTokens[1], ws, id);
}
catch (const WebSocketErrorMessageException& exc)
{
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
