avmedia/source/gstreamer/gstframegrabber.cxx | 14 ++++++---
dbaccess/source/core/dataaccess/ModelImpl.cxx | 3 +-
include/sfx2/docmacromode.hxx | 4 ++
include/sfx2/objsh.hxx | 6 ++++
include/sfx2/strings.hrc | 1
include/tools/urlobj.hxx | 5 +++
sc/source/core/data/global.cxx | 7 ++++
sd/source/ui/app/sdmod1.cxx | 29 ++++++++++++-------
sfx2/source/doc/docmacromode.cxx | 8 ++++-
sfx2/source/doc/iframe.cxx | 5 ++-
sfx2/source/doc/objmisc.cxx | 35 +++++++++++++++++++++++
sfx2/source/doc/objxtor.cxx | 1
sfx2/source/inc/objshimp.hxx | 3 +-
sw/source/filter/html/htmlplug.cxx | 2 -
sw/source/filter/xml/xmltexti.cxx | 2 -
sw/source/uibase/shells/drwtxtex.cxx | 8 +----
sw/source/uibase/wrtsh/wrtsh2.cxx | 38 ++++++++++++++++----------
tools/source/fsys/urlobj.cxx | 9 ++++++
xmloff/source/draw/ximpshap.cxx | 2 -
19 files changed, 135 insertions(+), 47 deletions(-)
New commits:
commit ddbc78e7879671574e79cc3b93a0ccd362bad30e
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 22 21:14:41 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:23:33 2023 +0100
reuse AllowedLinkProtocolFromDocument in impress/draw
Change-Id: I73ca4f087946a45dbf92d69a0dc1e769de9b5690
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159843
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit f0942eed2eb328b04856f20613f5226d66b66a20)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159759
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159884
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
diff --git a/sd/source/ui/app/sdmod1.cxx b/sd/source/ui/app/sdmod1.cxx
index 3d84ddb0da56..8d42653545ea 100644
--- a/sd/source/ui/app/sdmod1.cxx
+++ b/sd/source/ui/app/sdmod1.cxx
@@ -32,6 +32,7 @@
#include <sfx2/dispatch.hxx>
#include <sfx2/request.hxx>
#include <sfx2/templatedlg.hxx>
+#include <svl/stritem.hxx>
#include <editeng/eeitem.hxx>
#include <svx/svxids.hrc>
@@ -193,26 +194,32 @@ void SdModule::Execute(SfxRequest& rReq)
{
bool bIntercept = false;
::sd::DrawDocShell* pDocShell = dynamic_cast< ::sd::DrawDocShell
*>( SfxObjectShell::Current() );
- if (pDocShell)
+ ::sd::ViewShell* pViewShell = pDocShell ?
pDocShell->GetViewShell() : nullptr;
+ if (pViewShell)
{
- ::sd::ViewShell* pViewShell = pDocShell->GetViewShell();
- if (pViewShell)
+ if( sd::SlideShow::IsRunning( pViewShell->GetViewShellBase() )
)
{
- if( sd::SlideShow::IsRunning(
pViewShell->GetViewShellBase() ) )
+ // Prevent documents from opening while the slide
+ // show is running, except when this request comes
+ // from a shape interaction.
+ if (rReq.GetArgs() == nullptr)
{
- // Prevent documents from opening while the slide
- // show is running, except when this request comes
- // from a shape interaction.
- if (rReq.GetArgs() == nullptr)
- {
- bIntercept = true;
- }
+ bIntercept = true;
}
}
}
if (!bIntercept)
{
+ if (const SfxStringItem* pURLItem =
rReq.GetArg<SfxStringItem>(SID_FILE_NAME))
+ {
+ if (!pViewShell ||
!SfxObjectShell::AllowedLinkProtocolFromDocument(pURLItem->GetValue(),
+
pViewShell->GetObjectShell(),
+
pViewShell->GetFrameWeld()))
+ {
+ return;
+ }
+ }
SfxGetpApp()->ExecuteSlot(rReq, SfxGetpApp()->GetInterface());
}
else
commit 530830fdae0f9092fbd93c7be315b2055a841bf3
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 15 11:39:24 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:23:23 2023 +0100
reuse AllowedLinkProtocolFromDocument in writer
reorg calc hyperlink check to reuse elsewhere
Change-Id: I20ae3c5df15502c3a0a366fb4a2924c06ffac3d0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159487
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit e6a7537762e19fde446441edd10d301f9b37ce75)
reuse AllowedLinkProtocolFromDocument in writer
Change-Id: Iacf5e313fc6ca5f7d69ca6986a036f0e1ab1f2a0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159488
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 32535dfa82200b54296838b52285c054fbe5e51d)
combine these hyperlink dispatchers into one call
Change-Id: Icb7822e811013de648ccf2fbb23a5f0be9e29bb0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159489
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 0df175ccc6ea542bc5801f631ff72bed187042eb)
we can have just one LoadURL for writer
Change-Id: Ia0162ee1c275292fcf200bad4662e4c2c6b7b972
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159557
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 521ca9cf6acbae96cf95d9740859c9682212013d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159858
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit e32b8601dbd63cf01497889601d6c9c1241106d6)
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 43df4605fe1d..2a65b7a93e7e 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -202,6 +202,9 @@ private:
SAL_DLLPRIVATE bool SaveTo_Impl(SfxMedium &rMedium, const SfxItemSet* pSet
);
+ // true if the document had macros (or similar) on load to trigger warning
user
+ SAL_DLLPRIVATE bool GetHadCheckedMacrosOnLoad() const;
+
protected:
SfxObjectShell(SfxObjectCreateMode);
SfxObjectShell(SfxModelFlags); // see
sfxmodelfactory.hxx
@@ -418,8 +421,8 @@ public:
void SetMacroCallsSeenWhileLoading();
bool GetMacroCallsSeenWhileLoading() const;
- // true if the document had macros (or similar) on load to trigger warning
user
- bool GetHadCheckedMacrosOnLoad() const;
+ // true if this type of link, from a document, is allowed by the user to
be passed to uno:OpenDoc
+ static bool AllowedLinkProtocolFromDocument(const
OUString& rUrl, SfxObjectShell* pObjShell, weld::Window* pDialogParent);
const css::uno::Sequence< css::beans::PropertyValue >&
GetModifyPasswordInfo() const;
bool SetModifyPasswordInfo( const
css::uno::Sequence< css::beans::PropertyValue >& aInfo );
diff --git a/sc/source/core/data/global.cxx b/sc/source/core/data/global.cxx
index 9696f7d9414d..3295a38a0243 100644
--- a/sc/source/core/data/global.cxx
+++ b/sc/source/core/data/global.cxx
@@ -26,9 +26,7 @@
#include <sfx2/docfile.hxx>
#include <sfx2/dispatch.hxx>
#include <sfx2/objsh.hxx>
-#include <sfx2/sfxresid.hxx>
#include <sfx2/sfxsids.hrc>
-#include <sfx2/strings.hrc>
#include <sfx2/viewfrm.hxx>
#include <sfx2/viewsh.hxx>
#include <svl/intitem.hxx>
@@ -827,34 +825,8 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget, bool bIgno
aUrlName = aNewUrlName;
}
- if (INetURLObject(aUrlName).IsExoticProtocol())
- {
- // Default to ignoring exotic protocols
- bool bAllow = false;
- if (pObjShell)
- {
- // If the document had macros when loaded then follow the allowed
macro-mode
- if (pObjShell->GetHadCheckedMacrosOnLoad())
- bAllow = pObjShell->AdjustMacroMode();
- else // otherwise ask the user, defaulting to cancel
- {
- assert(pFrame && "if we have pObjShell we have pFrame");
- //Reuse URITools::onOpenURI warning string
- std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pFrame->GetWindow().GetFrameWeld(),
-
VclMessageType::Warning, VclButtonsType::YesNo,
-
SfxResId(STR_DANGEROUS_TO_OPEN)));
-
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
- INetURLObject::decode(aUrlName,
INetURLObject::DecodeMechanism::Unambiguous)));
- xQueryBox->set_default_response(RET_NO);
- bAllow = xQueryBox->run() == RET_YES;
- }
- }
- if (!bAllow)
- {
- SAL_WARN("sc", "ScGlobal::OpenURL ignoring: " << aUrlName);
- return;
- }
- }
+ if (!SfxObjectShell::AllowedLinkProtocolFromDocument(aUrlName, pObjShell,
pFrame ? pFrame->GetWindow().GetFrameWeld() : nullptr))
+ return;
SfxStringItem aUrl( SID_FILE_NAME, aUrlName );
SfxStringItem aTarget( SID_TARGETNAME, rTarget );
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index c7418ef127fd..f372de7fe4b1 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -964,6 +964,33 @@ bool SfxObjectShell::GetHadCheckedMacrosOnLoad() const
return pImpl->m_bHadCheckedMacrosOnLoad;
}
+bool SfxObjectShell::AllowedLinkProtocolFromDocument(const OUString& rUrl,
SfxObjectShell* pObjShell, weld::Window* pDialogParent)
+{
+ if (!INetURLObject(rUrl).IsExoticProtocol())
+ return true;
+ // Default to ignoring exotic protocols
+ bool bAllow = false;
+ if (pObjShell)
+ {
+ // If the document had macros when loaded then follow the allowed
macro-mode
+ if (pObjShell->GetHadCheckedMacrosOnLoad())
+ bAllow = pObjShell->AdjustMacroMode();
+ else // otherwise ask the user, defaulting to cancel
+ {
+ //Reuse URITools::onOpenURI warning string
+ std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pDialogParent,
+
VclMessageType::Warning, VclButtonsType::YesNo,
+
SfxResId(STR_DANGEROUS_TO_OPEN)));
+
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
+ INetURLObject::decode(rUrl,
INetURLObject::DecodeMechanism::Unambiguous)));
+ xQueryBox->set_default_response(RET_NO);
+ bAllow = xQueryBox->run() == RET_YES;
+ }
+ }
+ SAL_WARN_IF(!bAllow, "sfx.appl",
"SfxObjectShell::AllowedLinkProtocolFromDocument ignoring: " << rUrl);
+ return bAllow;
+}
+
void SfxObjectShell::CheckEncryption_Impl( const uno::Reference<
task::XInteractionHandler >& xHandler )
{
OUString aVersion;
diff --git a/sw/source/uibase/shells/drwtxtex.cxx
b/sw/source/uibase/shells/drwtxtex.cxx
index 60bdf16380be..0e3ba07c3973 100644
--- a/sw/source/uibase/shells/drwtxtex.cxx
+++ b/sw/source/uibase/shells/drwtxtex.cxx
@@ -545,12 +545,8 @@ void SwDrawTextShell::Execute( SfxRequest &rReq )
const SvxFieldData* pField = pOLV->GetFieldAtCursor();
if (const SvxURLField* pURLField = dynamic_cast<const
SvxURLField*>(pField))
{
- SfxStringItem aUrl(SID_FILE_NAME, pURLField->GetURL());
- SfxStringItem aTarget(SID_TARGETNAME,
pURLField->GetTargetFrame());
- SfxBoolItem aNewView(SID_OPEN_NEW_VIEW, false);
- SfxBoolItem aBrowsing(SID_BROWSE, true);
- GetView().GetViewFrame()->GetDispatcher()->ExecuteList(
- SID_OPENDOC, SfxCallMode::SYNCHRON, { &aUrl, &aTarget,
&aNewView, &aBrowsing });
+ ::LoadURL(GetShell(), pURLField->GetURL(), LoadUrlFlags::NONE,
+ pURLField->GetTargetFrame());
}
}
break;
diff --git a/sw/source/uibase/wrtsh/wrtsh2.cxx
b/sw/source/uibase/wrtsh/wrtsh2.cxx
index 3197c596e52a..7a4088f0c497 100644
--- a/sw/source/uibase/wrtsh/wrtsh2.cxx
+++ b/sw/source/uibase/wrtsh/wrtsh2.cxx
@@ -490,30 +490,24 @@ bool SwWrtShell::ClickToINetGrf( const Point& rDocPt,
LoadUrlFlags nFilter )
return bRet;
}
-void LoadURL( SwViewShell& rVSh, const OUString& rURL, LoadUrlFlags nFilter,
- const OUString& rTargetFrameName )
+static void LoadURL(SwView& rView, const OUString& rURL, LoadUrlFlags nFilter,
+ const OUString& rTargetFrameName)
{
- OSL_ENSURE( !rURL.isEmpty(), "what should be loaded here?" );
- if( rURL.isEmpty() )
- return ;
+ SwDocShell* pDShell = rView.GetDocShell();
+ OSL_ENSURE( pDShell, "No DocShell?!");
+ SfxViewFrame* pViewFrame = rView.GetViewFrame();
- // The shell could be 0 also!!!!!
- if ( dynamic_cast<const SwCursorShell*>( &rVSh) == nullptr )
+ if (!SfxObjectShell::AllowedLinkProtocolFromDocument(rURL, pDShell,
pViewFrame->GetWindow().GetFrameWeld()))
return;
// We are doing tiledRendering, let the client handles the URL loading,
// unless we are jumping to a TOC mark.
if (comphelper::LibreOfficeKit::isActive() && !rURL.startsWith("#"))
{
-
rVSh.GetSfxViewShell()->libreOfficeKitViewCallback(LOK_CALLBACK_HYPERLINK_CLICKED,
rURL.toUtf8().getStr());
+ rView.libreOfficeKitViewCallback(LOK_CALLBACK_HYPERLINK_CLICKED,
rURL.toUtf8().getStr());
return;
}
- //A CursorShell is always a WrtShell
- SwWrtShell &rSh = static_cast<SwWrtShell&>(rVSh);
-
- SwDocShell* pDShell = rSh.GetView().GetDocShell();
- OSL_ENSURE( pDShell, "No DocShell?!");
OUString sTargetFrame(rTargetFrameName);
if (sTargetFrame.isEmpty() && pDShell)
{
@@ -528,7 +522,6 @@ void LoadURL( SwViewShell& rVSh, const OUString& rURL,
LoadUrlFlags nFilter,
OUString sReferer;
if( pDShell && pDShell->GetMedium() )
sReferer = pDShell->GetMedium()->GetName();
- SfxViewFrame* pViewFrame = rSh.GetView().GetViewFrame();
SfxFrameItem aView( SID_DOCFRAME, pViewFrame );
SfxStringItem aName( SID_FILE_NAME, rURL );
SfxStringItem aTargetFrameName( SID_TARGETNAME, sTargetFrame );
@@ -554,6 +547,23 @@ void LoadURL( SwViewShell& rVSh, const OUString& rURL,
LoadUrlFlags nFilter,
SfxCallMode::ASYNCHRON|SfxCallMode::RECORD );
}
+void LoadURL( SwViewShell& rVSh, const OUString& rURL, LoadUrlFlags nFilter,
+ const OUString& rTargetFrameName )
+{
+ OSL_ENSURE( !rURL.isEmpty(), "what should be loaded here?" );
+ if( rURL.isEmpty() )
+ return ;
+
+ // The shell could be 0 also!!!!!
+ if ( dynamic_cast<const SwCursorShell*>( &rVSh) == nullptr )
+ return;
+
+ //A CursorShell is always a WrtShell
+ SwWrtShell &rSh = static_cast<SwWrtShell&>(rVSh);
+
+ ::LoadURL(rSh.GetView(), rURL, nFilter, rTargetFrameName);
+}
+
void SwWrtShell::NavigatorPaste( const NaviContentBookmark& rBkmk,
const sal_uInt16 nAction )
{
commit f9c43426ab2941d240213a50bf67d70d85e3f060
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 17:26:25 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:23:16 2023 +0100
default to ignoring libreoffice special-purpose protocols in calc hyperlink
Change-Id: Ib9f62be3acc05f24ca234dec0fec21e24579e9de
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158911
Tested-by: Jenkins
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit b6062623b4d69c79e90e9365ac7c5e7f11986793)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159045
Reviewed-by: Eike Rathke <er...@redhat.com>
(cherry picked from commit 672716d09c54cb6fdd59baa7da4b8393cf104cd2)
diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx
b/dbaccess/source/core/dataaccess/ModelImpl.cxx
index 21e45033ea4f..20e77a97cc8e 100644
--- a/dbaccess/source/core/dataaccess/ModelImpl.cxx
+++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx
@@ -1142,7 +1142,8 @@ bool ODatabaseModelImpl::checkMacrosOnLoading()
{
Reference< XInteractionHandler > xInteraction;
xInteraction = m_aMediaDescriptor.getOrDefault( "InteractionHandler",
xInteraction );
- return m_aMacroMode.checkMacrosOnLoading( xInteraction );
+ const bool bHasMacros = m_aMacroMode.hasMacros();
+ return m_aMacroMode.checkMacrosOnLoading(xInteraction, false
/*HasValidContentSignature*/, bHasMacros);
}
void ODatabaseModelImpl::resetMacroExecutionMode()
diff --git a/include/sfx2/docmacromode.hxx b/include/sfx2/docmacromode.hxx
index bd4f13fb016c..0cfca92db308 100644
--- a/include/sfx2/docmacromode.hxx
+++ b/include/sfx2/docmacromode.hxx
@@ -261,6 +261,8 @@ namespace sfx2
*/
static bool storageHasMacros( const css::uno::Reference<
css::embed::XStorage >& _rxStorage );
+ bool hasMacros() const;
+
static bool containerHasBasicMacros( const css::uno::Reference<
css::script::XLibraryContainer >& xContainter );
/** checks the macro execution mode while loading the document.
@@ -288,7 +290,7 @@ namespace sfx2
bool
checkMacrosOnLoading(
const css::uno::Reference< css::task::XInteractionHandler
>& _rxInteraction,
- bool bHasValidContentSignature = false
+ bool bHasValidContentSignature, bool bHasMacros
);
private:
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 2a56ebe88e07..43df4605fe1d 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -418,6 +418,9 @@ public:
void SetMacroCallsSeenWhileLoading();
bool GetMacroCallsSeenWhileLoading() const;
+ // true if the document had macros (or similar) on load to trigger warning
user
+ bool GetHadCheckedMacrosOnLoad() const;
+
const css::uno::Sequence< css::beans::PropertyValue >&
GetModifyPasswordInfo() const;
bool SetModifyPasswordInfo( const
css::uno::Sequence< css::beans::PropertyValue >& aInfo );
diff --git a/include/sfx2/strings.hrc b/include/sfx2/strings.hrc
index 1db36e733c0c..29950ba68ca1 100644
--- a/include/sfx2/strings.hrc
+++ b/include/sfx2/strings.hrc
@@ -103,6 +103,7 @@
#define STR_GB NC_("STR_GB", "GB")
#define STR_QUERY_LASTVERSION NC_("STR_QUERY_LASTVERSION",
"Cancel all changes?")
#define STR_NO_WEBBROWSER_FOUND NC_("STR_NO_WEBBROWSER_FOUND",
"Opening \"$(ARG1)\" failed with error code $(ARG2) and message:
\"$(ARG3)\"\nMaybe no web browser could be found on your system. In that case,
please check your Desktop Preferences or install a web browser (for example,
Firefox) in the default location requested during the browser installation.")
+#define STR_DANGEROUS_TO_OPEN NC_("STR_DANGEROUS_TO_OPEN",
"It might be dangerous to open \"$(ARG1)\".\nDo you really want to open it?")
#define STR_NO_ABS_URI_REF NC_("STR_NO_ABS_URI_REF",
"\"$(ARG1)\" is not an absolute URL that can be passed to an external
application to open it.")
#define STR_GID_INTERN NC_("STR_GID_INTERN",
"Internal")
#define STR_GID_APPLICATION NC_("STR_GID_APPLICATION",
"Application")
diff --git a/sc/source/core/data/global.cxx b/sc/source/core/data/global.cxx
index 050fd823b4ee..9696f7d9414d 100644
--- a/sc/source/core/data/global.cxx
+++ b/sc/source/core/data/global.cxx
@@ -26,7 +26,9 @@
#include <sfx2/docfile.hxx>
#include <sfx2/dispatch.hxx>
#include <sfx2/objsh.hxx>
+#include <sfx2/sfxresid.hxx>
#include <sfx2/sfxsids.hrc>
+#include <sfx2/strings.hrc>
#include <sfx2/viewfrm.hxx>
#include <sfx2/viewsh.hxx>
#include <svl/intitem.hxx>
@@ -37,6 +39,8 @@
#include <vcl/virdev.hxx>
#include <vcl/settings.hxx>
#include <vcl/svapp.hxx>
+#include <vcl/weld.hxx>
+#include <vcl/window.hxx>
#include <unotools/charclass.hxx>
#include <unotools/securityoptions.hxx>
#include <osl/diagnose.h>
@@ -789,7 +793,7 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget, bool bIgno
OUString aUrlName( rURL );
SfxViewFrame* pFrame = nullptr;
- const SfxObjectShell* pObjShell = nullptr;
+ SfxObjectShell* pObjShell = nullptr;
OUString aReferName;
if ( pScActiveViewShell )
{
@@ -823,6 +827,35 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget, bool bIgno
aUrlName = aNewUrlName;
}
+ if (INetURLObject(aUrlName).IsExoticProtocol())
+ {
+ // Default to ignoring exotic protocols
+ bool bAllow = false;
+ if (pObjShell)
+ {
+ // If the document had macros when loaded then follow the allowed
macro-mode
+ if (pObjShell->GetHadCheckedMacrosOnLoad())
+ bAllow = pObjShell->AdjustMacroMode();
+ else // otherwise ask the user, defaulting to cancel
+ {
+ assert(pFrame && "if we have pObjShell we have pFrame");
+ //Reuse URITools::onOpenURI warning string
+ std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pFrame->GetWindow().GetFrameWeld(),
+
VclMessageType::Warning, VclButtonsType::YesNo,
+
SfxResId(STR_DANGEROUS_TO_OPEN)));
+
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
+ INetURLObject::decode(aUrlName,
INetURLObject::DecodeMechanism::Unambiguous)));
+ xQueryBox->set_default_response(RET_NO);
+ bAllow = xQueryBox->run() == RET_YES;
+ }
+ }
+ if (!bAllow)
+ {
+ SAL_WARN("sc", "ScGlobal::OpenURL ignoring: " << aUrlName);
+ return;
+ }
+ }
+
SfxStringItem aUrl( SID_FILE_NAME, aUrlName );
SfxStringItem aTarget( SID_TARGETNAME, rTarget );
if ( nScClickMouseModifier & KEY_SHIFT ) // control-click -> into new
window
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index 4d15ad30cb01..50782c3cd1b2 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -458,8 +458,12 @@ namespace sfx2
return bHasMacros;
}
+ bool DocumentMacroMode::hasMacros() const
+ {
+ return m_xData->m_rDocumentAccess.documentStorageHasMacros() ||
hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading();
+ }
- bool DocumentMacroMode::checkMacrosOnLoading( const Reference<
XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
+ bool DocumentMacroMode::checkMacrosOnLoading( const Reference<
XInteractionHandler >& rxInteraction, bool bHasValidContentSignature, bool
bHasMacros )
{
bool bAllow = false;
if ( SvtSecurityOptions().IsMacroDisabled() )
@@ -469,7 +473,7 @@ namespace sfx2
}
else
{
- if (m_xData->m_rDocumentAccess.documentStorageHasMacros() ||
hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
+ if (bHasMacros)
{
if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
m_bNeedsContentSigned = true;
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index f71358b568fa..c7418ef127fd 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -954,9 +954,15 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl()
// check macro security
const bool bHasValidContentSignature = HasValidSignatures();
- pImpl->aMacroMode.checkMacrosOnLoading( xInteraction,
bHasValidContentSignature );
+ const bool bHasMacros = pImpl->aMacroMode.hasMacros();
+ pImpl->aMacroMode.checkMacrosOnLoading( xInteraction,
bHasValidContentSignature, bHasMacros );
+ pImpl->m_bHadCheckedMacrosOnLoad = bHasMacros;
}
+bool SfxObjectShell::GetHadCheckedMacrosOnLoad() const
+{
+ return pImpl->m_bHadCheckedMacrosOnLoad;
+}
void SfxObjectShell::CheckEncryption_Impl( const uno::Reference<
task::XInteractionHandler >& xHandler )
{
diff --git a/sfx2/source/doc/objxtor.cxx b/sfx2/source/doc/objxtor.cxx
index 510c35daf59f..a707bb7c4a27 100644
--- a/sfx2/source/doc/objxtor.cxx
+++ b/sfx2/source/doc/objxtor.cxx
@@ -237,6 +237,7 @@ SfxObjectShell_Impl::SfxObjectShell_Impl( SfxObjectShell&
_rDocShell )
,m_bAllowShareControlFileClean( true )
,m_bConfigOptionsChecked( false )
,m_bMacroCallsSeenWhileLoading( false )
+ ,m_bHadCheckedMacrosOnLoad( false )
,lErr(ERRCODE_NONE)
,nEventId ( SfxEventHintId::NONE )
,nLoadedFlags ( SfxLoadedFlags::ALL )
diff --git a/sfx2/source/inc/objshimp.hxx b/sfx2/source/inc/objshimp.hxx
index 3d7b0b69c945..4afdd706d05e 100644
--- a/sfx2/source/inc/objshimp.hxx
+++ b/sfx2/source/inc/objshimp.hxx
@@ -91,7 +91,8 @@ struct SfxObjectShell_Impl : public
::sfx2::IMacroDocumentAccess
m_bSharedXMLFlag:1, // whether the document should be
edited in shared mode
m_bAllowShareControlFileClean:1, // whether the flag
should be stored in xml file
m_bConfigOptionsChecked:1, // whether or not the user
options are checked after the Options dialog is closed.
- m_bMacroCallsSeenWhileLoading:1; // whether or not the
user options are checked after the Options dialog is closed.
+ m_bMacroCallsSeenWhileLoading:1, // whether or not
macro calls were seen when loading document.
+ m_bHadCheckedMacrosOnLoad:1; // if document contained
macros (or calls) when loaded
IndexBitSet aBitSet;
ErrCode lErr;
commit b245f1e20e67c1e73a702425ab41df8eb58452e3
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Sat Nov 4 19:57:51 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:23:07 2023 +0100
warn about exotic protocols as well
Change-Id: I50dcf4f36cd20d75f5ad3876353143268740a50f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151834
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 1305f70cff8a81a58a5a6d9c96c5bb032005389e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159034
Reviewed-by: Eike Rathke <er...@redhat.com>
(cherry picked from commit 2e1bcbb550d54278b366ec619cc5280d44d6aba4)
diff --git a/sw/source/filter/html/htmlplug.cxx
b/sw/source/filter/html/htmlplug.cxx
index eb707040adb2..112975f98511 100644
--- a/sw/source/filter/html/htmlplug.cxx
+++ b/sw/source/filter/html/htmlplug.cxx
@@ -1089,7 +1089,7 @@ void SwHTMLParser::InsertFloatingFrame()
OUString sHRef = aFrameDesc.GetURL().GetMainURL(
INetURLObject::DecodeMechanism::NONE );
- if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(sHRef).IsExoticProtocol())
NotifyMacroEventRead();
xSet->setPropertyValue("FrameURL", uno::makeAny( sHRef ) );
diff --git a/sw/source/filter/xml/xmltexti.cxx
b/sw/source/filter/xml/xmltexti.cxx
index 169cbdc1534d..caf300f239c6 100644
--- a/sw/source/filter/xml/xmltexti.cxx
+++ b/sw/source/filter/xml/xmltexti.cxx
@@ -856,7 +856,7 @@ uno::Reference< XPropertySet >
SwXMLTextImportHelper::createAndInsertFloatingFra
OUString sHRef = URIHelper::SmartRel2Abs(
INetURLObject( GetXMLImport().GetBaseURL() ),
rHRef );
- if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(sHRef).IsExoticProtocol())
GetXMLImport().NotifyMacroEventRead();
xSet->setPropertyValue("FrameURL",
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index ab6e885639db..1ef2b7e0b2af 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4776,7 +4776,8 @@ bool INetURLObject::IsExoticProtocol() const
return m_eScheme == INetProtocol::Slot ||
m_eScheme == INetProtocol::Macro ||
m_eScheme == INetProtocol::Uno ||
- isSchemeEqualTo(u"vnd.sun.star.script");
+ isSchemeEqualTo(u"vnd.sun.star.script") ||
+ isSchemeEqualTo(u"service");
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmloff/source/draw/ximpshap.cxx b/xmloff/source/draw/ximpshap.cxx
index 44b5177501f1..30c303690d97 100644
--- a/xmloff/source/draw/ximpshap.cxx
+++ b/xmloff/source/draw/ximpshap.cxx
@@ -3269,7 +3269,7 @@ void SdXMLFloatingFrameShapeContext::StartElement( const
css::uno::Reference< cs
if( !maHref.isEmpty() )
{
- if (INetURLObject(maHref).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(maHref).IsExoticProtocol())
GetImport().NotifyMacroEventRead();
xProps->setPropertyValue("FrameURL", Any(maHref) );
commit 63beeae7c7008aec026b2751976ce6cc18d0fa20
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 17:14:26 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:22:56 2023 +0100
add some protocols that don't make sense as floating frame targets
Change-Id: Id900a5eef248731d1184c1df501a2cf7a2de7eb9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158910
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 11ebdfef16501c6d35c3e3d0d62507f706557c71)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158900
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit bab433911bdecb344f7ea94dbd00690241a08c54)
diff --git a/include/tools/urlobj.hxx b/include/tools/urlobj.hxx
index 522dcca35fcd..67f241376537 100644
--- a/include/tools/urlobj.hxx
+++ b/include/tools/urlobj.hxx
@@ -920,6 +920,11 @@ public:
void changeScheme(INetProtocol eTargetScheme);
+ // INetProtocol::Macro, INetProtocol::Uno, INetProtocol::Slot,
+ // vnd.sun.star.script, etc. All the types of URLs which shouldn't
+ // be accepted from an outside controlled source
+ bool IsExoticProtocol() const;
+
private:
// General Structure:
diff --git a/sfx2/source/doc/iframe.cxx b/sfx2/source/doc/iframe.cxx
index 1703572a2647..bddd187a418c 100644
--- a/sfx2/source/doc/iframe.cxx
+++ b/sfx2/source/doc/iframe.cxx
@@ -200,8 +200,11 @@ sal_Bool SAL_CALL IFrameObject::load(
xTrans->parseStrict( aTargetURL );
INetURLObject aURLObject(aTargetURL.Complete);
- if (aURLObject.GetProtocol() == INetProtocol::Macro ||
aURLObject.isSchemeEqualTo(u"vnd.sun.star.script"))
+ if (aURLObject.IsExoticProtocol())
+ {
+ SAL_WARN("sfx", "IFrameObject::load ignoring: " <<
aTargetURL.Complete);
return false;
+ }
uno::Reference<frame::XFramesSupplier> xParentFrame =
xFrame->getCreator();
SfxObjectShell* pDoc = SfxMacroLoader::GetObjectShell(xParentFrame);
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 64daa11c9415..ab6e885639db 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4771,4 +4771,12 @@ OUString INetURLObject::CutExtension()
? aTheExtension : OUString();
}
+bool INetURLObject::IsExoticProtocol() const
+{
+ return m_eScheme == INetProtocol::Slot ||
+ m_eScheme == INetProtocol::Macro ||
+ m_eScheme == INetProtocol::Uno ||
+ isSchemeEqualTo(u"vnd.sun.star.script");
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit e21cfe638b82824db85bb4e8870f3d986c989fc8
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 14:20:07 2023 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Fri Nov 24 18:22:23 2023 +0100
escape url passed to gstreamer
Change-Id: I3c93ee34800cc8563370f75ef3ef6f8a9220e6ec
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158894
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit f41dcadf6492a6ffd32696d50f818e44355b9ad9)
diff --git a/avmedia/source/gstreamer/gstframegrabber.cxx
b/avmedia/source/gstreamer/gstframegrabber.cxx
index bc183d563332..0135a78ed597 100644
--- a/avmedia/source/gstreamer/gstframegrabber.cxx
+++ b/avmedia/source/gstreamer/gstframegrabber.cxx
@@ -51,11 +51,9 @@ void FrameGrabber::disposePipeline()
FrameGrabber::FrameGrabber( const OUString &rURL ) :
FrameGrabber_BASE()
{
- gchar *pPipelineStr;
- pPipelineStr = g_strdup_printf(
- "uridecodebin uri=%s ! videoconvert ! videoscale ! appsink "
- "name=sink caps=\"video/x-raw,format=RGB,pixel-aspect-ratio=1/1\"",
- OUStringToOString( rURL, RTL_TEXTENCODING_UTF8 ).getStr() );
+ const char pPipelineStr[] =
+ "uridecodebin name=source ! videoconvert ! videoscale ! appsink "
+ "name=sink caps=\"video/x-raw,format=RGB,pixel-aspect-ratio=1/1\"";
GError *pError = nullptr;
mpPipeline = gst_parse_launch( pPipelineStr, &pError );
@@ -66,6 +64,12 @@ FrameGrabber::FrameGrabber( const OUString &rURL ) :
}
if( mpPipeline ) {
+
+ if (GstElement *pUriDecode = gst_bin_get_by_name(GST_BIN(mpPipeline),
"source"))
+ g_object_set(pUriDecode, "uri", OUStringToOString(rURL,
RTL_TEXTENCODING_UTF8).getStr(), nullptr);
+ else
+ g_warning("Missing 'source' element in gstreamer pipeline");
+
// pre-roll
switch( gst_element_set_state( mpPipeline, GST_STATE_PAUSED ) ) {
case GST_STATE_CHANGE_FAILURE:
