avmedia/source/gstreamer/gstframegrabber.cxx | 19 ++++++++-----
dbaccess/source/core/dataaccess/ModelImpl.cxx | 3 +-
include/sfx2/docmacromode.hxx | 5 ++-
include/sfx2/objsh.hxx | 6 ++++
include/sfx2/strings.hrc | 1
include/tools/urlobj.hxx | 5 +++
sc/source/core/data/global.cxx | 8 ++++-
sd/source/ui/app/sdmod1.cxx | 29 ++++++++++++-------
sfx2/source/doc/docmacromode.cxx | 8 ++++-
sfx2/source/doc/iframe.cxx | 6 +++-
sfx2/source/doc/objmisc.cxx | 35 +++++++++++++++++++++++
sfx2/source/doc/objxtor.cxx | 1
sfx2/source/inc/objshimp.hxx | 3 +-
sw/source/filter/html/htmlplug.cxx | 2 -
sw/source/filter/xml/xmltexti.cxx | 2 -
sw/source/uibase/wrtsh/wrtsh2.cxx | 38 ++++++++++++++++----------
tools/source/fsys/urlobj.cxx | 9 ++++++
xmloff/source/draw/ximpshap.cxx | 2 -
18 files changed, 139 insertions(+), 43 deletions(-)
New commits:
commit f67bb3e4edc067e3b4c8ac93af29b56adb551c49
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 22 21:14:41 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:29:45 2023 +0000
reuse AllowedLinkProtocolFromDocument in impress/draw
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159843
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit f0942eed2eb328b04856f20613f5226d66b66a20)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159759
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
Signed-off-by: Xisco Fauli <xiscofa...@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159884
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit 569fa7f755718a06f23d25b2132bf0400cec7a0f)
(cherry picked from commit b60bd2dddc4b9d6d60615d61051a9f9ee5410851)
(cherry picked from commit 8b244a0ce8a9170a1fd61e19a0c943230a741fbe)
(cherry picked from commit 87535988868baac08173fc826dbb6c6cbdf91dd4)
(cherry picked from commit fd809982a280218046ab7e6e6d24492420143e6c)
(cherry picked from commit 56dd18f55d14939a1d5697e8580efd580bae0da7)
(cherry picked from commit 5aa0ae5fffe3a6f98e2ae4a677a20a8f95d3eed3)
(cherry picked from commit d0263e4735d37e52184e6e46c3c1405de9400e08)
(cherry picked from commit 13a3d545f3095ff34a6765b0597e44afdb19de11)
Change-Id: I73ca4f087946a45dbf92d69a0dc1e769de9b5690
diff --git a/sd/source/ui/app/sdmod1.cxx b/sd/source/ui/app/sdmod1.cxx
index 8782722e52f8..6c47f7f282e3 100644
--- a/sd/source/ui/app/sdmod1.cxx
+++ b/sd/source/ui/app/sdmod1.cxx
@@ -35,6 +35,7 @@
#include <sfx2/docfile.hxx>
#include <sfx2/templatedlg.hxx>
#include <editeng/paperinf.hxx>
+#include <svl/stritem.hxx>
#include <editeng/eeitem.hxx>
#include <unotools/useroptions.hxx>
#include <com/sun/star/uno/Sequence.h>
@@ -207,26 +208,32 @@ void SdModule::Execute(SfxRequest& rReq)
{
bool bIntercept = false;
::sd::DrawDocShell* pDocShell = dynamic_cast< ::sd::DrawDocShell
*>( SfxObjectShell::Current() );
- if (pDocShell)
+ ::sd::ViewShell* pViewShell = pDocShell ?
pDocShell->GetViewShell() : nullptr;
+ if (pViewShell)
{
- ::sd::ViewShell* pViewShell = pDocShell->GetViewShell();
- if (pViewShell)
+ if( sd::SlideShow::IsRunning( pViewShell->GetViewShellBase() )
)
{
- if( sd::SlideShow::IsRunning(
pViewShell->GetViewShellBase() ) )
+ // Prevent documents from opening while the slide
+ // show is running, except when this request comes
+ // from a shape interaction.
+ if (rReq.GetArgs() == nullptr)
{
- // Prevent documents from opening while the slide
- // show is running, except when this request comes
- // from a shape interaction.
- if (rReq.GetArgs() == nullptr)
- {
- bIntercept = true;
- }
+ bIntercept = true;
}
}
}
if (!bIntercept)
{
+ if (const SfxStringItem* pURLItem =
rReq.GetArg<SfxStringItem>(SID_FILE_NAME))
+ {
+ if (!pViewShell ||
!SfxObjectShell::AllowedLinkProtocolFromDocument(pURLItem->GetValue(),
+
pViewShell->GetObjectShell(),
+
pViewShell->GetFrameWeld()))
+ {
+ return;
+ }
+ }
SfxGetpApp()->ExecuteSlot(rReq, SfxGetpApp()->GetInterface());
}
else
commit e6881176c633777c92406a220750bdcdd65797eb
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 15 11:39:24 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:29:11 2023 +0000
reuse AllowedLinkProtocolFromDocument in writer
reorg calc hyperlink check to reuse elsewhere
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159487
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit e6a7537762e19fde446441edd10d301f9b37ce75)
reuse AllowedLinkProtocolFromDocument in writer
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159488
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 32535dfa82200b54296838b52285c054fbe5e51d)
combine these hyperlink dispatchers into one call
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159489
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 0df175ccc6ea542bc5801f631ff72bed187042eb)
we can have just one LoadURL for writer
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159557
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 521ca9cf6acbae96cf95d9740859c9682212013d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159858
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit e32b8601dbd63cf01497889601d6c9c1241106d6)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159883
(cherry picked from commit 6d29ee15039a567ad5f70a3e51289fea93c1f64e)
(cherry picked from commit 6708272c15941d94ab828a188e06a0addca1dd15)
(cherry picked from commit 8423af18d7b8b82d106acede33720457071e79e9)
(cherry picked from commit 6aa0be1d2905b77e567ca32446b61ab2e9bef0b1)
(cherry picked from commit 583a30728042993d7fcacccf49c8e338150f2f44)
(cherry picked from commit dd7e7a8b0004dc24c9880cc91368ed8512c35f01)
(cherry picked from commit 782f9422888322f9ec54d98b6f31b5f372170ff7)
(cherry picked from commit a739883e98fb86627a71133a1d4bec2743ff2632)
(cherry picked from commit 718cfe5efa7c2de05856c24238bfed3f5cb0b6dd)
Change-Id: I20ae3c5df15502c3a0a366fb4a2924c06ffac3d0
acf5e313fc6ca5f7d69ca6986a036f0e1ab1f2a0
cb7822e811013de648ccf2fbb23a5f0be9e29bb0
a0162ee1c275292fcf200bad4662e4c2c6b7b972
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 964e8f319037..1ff93a79468c 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -219,6 +219,9 @@ private:
SAL_DLLPRIVATE bool SaveTo_Impl(SfxMedium &rMedium, const SfxItemSet* pSet
);
+ // true if the document had macros (or similar) on load to trigger warning
user
+ SAL_DLLPRIVATE bool GetHadCheckedMacrosOnLoad() const;
+
protected:
SfxObjectShell(SfxObjectCreateMode);
SfxObjectShell(SfxModelFlags); // see
sfxmodelfactory.hxx
@@ -437,8 +440,8 @@ public:
void SetMacroCallsSeenWhileLoading();
bool GetMacroCallsSeenWhileLoading() const;
- // true if the document had macros (or similar) on load to trigger warning
user
- bool GetHadCheckedMacrosOnLoad() const;
+ // true if this type of link, from a document, is allowed by the user to
be passed to uno:OpenDoc
+ static bool AllowedLinkProtocolFromDocument(const
OUString& rUrl, SfxObjectShell* pObjShell, weld::Window* pDialogParent);
const css::uno::Sequence< css::beans::PropertyValue >&
GetModifyPasswordInfo() const;
bool SetModifyPasswordInfo( const
css::uno::Sequence< css::beans::PropertyValue >& aInfo );
diff --git a/include/sfx2/strings.hrc b/include/sfx2/strings.hrc
index c196bcd19989..8c3090823057 100644
--- a/include/sfx2/strings.hrc
+++ b/include/sfx2/strings.hrc
@@ -103,6 +103,7 @@
#define STR_GB NC_("STR_GB", "GB")
#define STR_QUERY_LASTVERSION NC_("STR_QUERY_LASTVERSION",
"Cancel all changes?")
#define STR_NO_WEBBROWSER_FOUND NC_("STR_NO_WEBBROWSER_FOUND",
"Opening \"$(ARG1)\" failed with error code $(ARG2) and message:
\"$(ARG3)\"\nMaybe no web browser could be found on your system. In that case,
please check your Desktop Preferences or install a web browser (for example,
Firefox) in the default location requested during the browser installation.")
+#define STR_DANGEROUS_TO_OPEN NC_("STR_DANGEROUS_TO_OPEN",
"It might be dangerous to open \"$(ARG1)\".\nDo you really want to open it?")
#define STR_NO_ABS_URI_REF NC_("STR_NO_ABS_URI_REF",
"\"$(ARG1)\" is not an absolute URL that can be passed to an external
application to open it.")
#define STR_GID_INTERN NC_("STR_GID_INTERN",
"Internal")
#define STR_GID_APPLICATION NC_("STR_GID_APPLICATION",
"Application")
diff --git a/sc/source/core/data/global.cxx b/sc/source/core/data/global.cxx
index 47c6eb350c5e..01994cf65d63 100644
--- a/sc/source/core/data/global.cxx
+++ b/sc/source/core/data/global.cxx
@@ -27,9 +27,7 @@
#include <sfx2/docfile.hxx>
#include <sfx2/dispatch.hxx>
#include <sfx2/objsh.hxx>
-#include <sfx2/sfxresid.hxx>
#include <sfx2/sfxsids.hrc>
-#include <sfx2/strings.hrc>
#include <sfx2/viewfrm.hxx>
#include <sfx2/viewsh.hxx>
#include <svl/stritem.hxx>
@@ -37,6 +35,7 @@
#include <svl/zformat.hxx>
#include <vcl/virdev.hxx>
#include <vcl/weld.hxx>
+#include <vcl/window.hxx>
#include <vcl/settings.hxx>
#include <unotools/charclass.hxx>
#include <unotools/securityoptions.hxx>
@@ -845,34 +844,8 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget)
aUrlName = aNewUrlName;
}
- if (INetURLObject(aUrlName).IsExoticProtocol())
- {
- // Default to ignoring exotic protocols
- bool bAllow = false;
- if (pObjShell)
- {
- // If the document had macros when loaded then follow the allowed
macro-mode
- if (pObjShell->GetHadCheckedMacrosOnLoad())
- bAllow = pObjShell->AdjustMacroMode();
- else // otherwise ask the user, defaulting to cancel
- {
- assert(pFrame && "if we have pObjShell we have pFrame");
- //Reuse URITools::onOpenURI warning string
- std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pFrame->GetFrameWeld(),
-
VclMessageType::Warning, VclButtonsType::YesNo,
-
SfxResId(STR_DANGEROUS_TO_OPEN)));
-
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
- INetURLObject::decode(aUrlName,
INetURLObject::DecodeMechanism::Unambiguous)));
- xQueryBox->set_default_response(RET_NO);
- bAllow = xQueryBox->run() == RET_YES;
- }
- }
- if (!bAllow)
- {
- SAL_WARN("sc", "ScGlobal::OpenURL ignoring: " << aUrlName);
- return;
- }
- }
+ if (!SfxObjectShell::AllowedLinkProtocolFromDocument(aUrlName, pObjShell,
pFrame ? pFrame->GetWindow().GetFrameWeld() : nullptr))
+ return;
SfxStringItem aUrl( SID_FILE_NAME, aUrlName );
SfxStringItem aTarget( SID_TARGETNAME, rTarget );
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 00ccc525f679..5216d73cceb2 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -939,6 +939,33 @@ bool SfxObjectShell::GetHadCheckedMacrosOnLoad() const
return pImpl->m_bHadCheckedMacrosOnLoad;
}
+bool SfxObjectShell::AllowedLinkProtocolFromDocument(const OUString& rUrl,
SfxObjectShell* pObjShell, weld::Window* pDialogParent)
+{
+ if (!INetURLObject(rUrl).IsExoticProtocol())
+ return true;
+ // Default to ignoring exotic protocols
+ bool bAllow = false;
+ if (pObjShell)
+ {
+ // If the document had macros when loaded then follow the allowed
macro-mode
+ if (pObjShell->GetHadCheckedMacrosOnLoad())
+ bAllow = pObjShell->AdjustMacroMode();
+ else // otherwise ask the user, defaulting to cancel
+ {
+ //Reuse URITools::onOpenURI warning string
+ std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pDialogParent,
+
VclMessageType::Warning, VclButtonsType::YesNo,
+
SfxResId(STR_DANGEROUS_TO_OPEN)));
+
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
+ INetURLObject::decode(rUrl,
INetURLObject::DecodeMechanism::Unambiguous)));
+ xQueryBox->set_default_response(RET_NO);
+ bAllow = xQueryBox->run() == RET_YES;
+ }
+ }
+ SAL_WARN_IF(!bAllow, "sfx.appl",
"SfxObjectShell::AllowedLinkProtocolFromDocument ignoring: " << rUrl);
+ return bAllow;
+}
+
void SfxObjectShell::CheckEncryption_Impl( const uno::Reference<
task::XInteractionHandler >& xHandler )
{
OUString aVersion;
diff --git a/sw/source/uibase/wrtsh/wrtsh2.cxx
b/sw/source/uibase/wrtsh/wrtsh2.cxx
index 8d1707761ab6..040830a27107 100644
--- a/sw/source/uibase/wrtsh/wrtsh2.cxx
+++ b/sw/source/uibase/wrtsh/wrtsh2.cxx
@@ -479,15 +479,14 @@ bool SwWrtShell::ClickToINetGrf( const Point& rDocPt,
LoadUrlFlags nFilter )
return bRet;
}
-void LoadURL( SwViewShell& rVSh, const OUString& rURL, LoadUrlFlags nFilter,
- const OUString& rTargetFrameName )
+static void LoadURL(SwView& rView, const OUString& rURL, LoadUrlFlags nFilter,
+ const OUString& rTargetFrameName)
{
- OSL_ENSURE( !rURL.isEmpty(), "what should be loaded here?" );
- if( rURL.isEmpty() )
- return ;
+ SwDocShell* pDShell = rView.GetDocShell();
+ OSL_ENSURE( pDShell, "No DocShell?!");
+ SfxViewFrame* pViewFrame = rView.GetViewFrame();
- // The shell could be 0 also!!!!!
- if ( dynamic_cast<const SwCursorShell*>( &rVSh) == nullptr )
+ if (!SfxObjectShell::AllowedLinkProtocolFromDocument(rURL, pDShell,
rView.GetFrameWeld()))
return;
OUString sFileURL = rURL;
@@ -511,15 +510,10 @@ void LoadURL( SwViewShell& rVSh, const OUString& rURL,
LoadUrlFlags nFilter,
// unless we are jumping to a TOC mark.
if (comphelper::LibreOfficeKit::isActive() && !rURL.startsWith("#"))
{
-
rVSh.GetSfxViewShell()->libreOfficeKitViewCallback(LOK_CALLBACK_HYPERLINK_CLICKED,
sFileURL.toUtf8().getStr());
+ rView.libreOfficeKitViewCallback(LOK_CALLBACK_HYPERLINK_CLICKED,
sFileURL.toUtf8().getStr());
return;
}
- //A CursorShell is always a WrtShell
- SwWrtShell &rSh = static_cast<SwWrtShell&>(rVSh);
-
- SwDocShell* pDShell = rSh.GetView().GetDocShell();
- OSL_ENSURE( pDShell, "No DocShell?!");
OUString sTargetFrame(rTargetFrameName);
if (sTargetFrame.isEmpty() && pDShell)
{
@@ -534,7 +528,6 @@ void LoadURL( SwViewShell& rVSh, const OUString& rURL,
LoadUrlFlags nFilter,
OUString sReferer;
if( pDShell && pDShell->GetMedium() )
sReferer = pDShell->GetMedium()->GetName();
- SfxViewFrame* pViewFrame = rSh.GetView().GetViewFrame();
SfxFrameItem aView( SID_DOCFRAME, pViewFrame );
SfxStringItem aName( SID_FILE_NAME, sFileURL );
SfxStringItem aTargetFrameName( SID_TARGETNAME, sTargetFrame );
@@ -560,6 +553,23 @@ void LoadURL( SwViewShell& rVSh, const OUString& rURL,
LoadUrlFlags nFilter,
SfxCallMode::ASYNCHRON|SfxCallMode::RECORD );
}
+void LoadURL( SwViewShell& rVSh, const OUString& rURL, LoadUrlFlags nFilter,
+ const OUString& rTargetFrameName )
+{
+ OSL_ENSURE( !rURL.isEmpty(), "what should be loaded here?" );
+ if( rURL.isEmpty() )
+ return ;
+
+ // The shell could be 0 also!!!!!
+ if ( dynamic_cast<const SwCursorShell*>( &rVSh) == nullptr )
+ return;
+
+ //A CursorShell is always a WrtShell
+ SwWrtShell &rSh = static_cast<SwWrtShell&>(rVSh);
+
+ ::LoadURL(rSh.GetView(), rURL, nFilter, rTargetFrameName);
+}
+
void SwWrtShell::NavigatorPaste( const NaviContentBookmark& rBkmk,
const sal_uInt16 nAction )
{
commit d96b41c136ad3c3f1730a0ad356b2da74b519e17
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 17:26:25 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:28:08 2023 +0000
default to ignoring libreoffice special-purpose protocols in calc hyperlink
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158911
Tested-by: Jenkins
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit b6062623b4d69c79e90e9365ac7c5e7f11986793)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159046
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit cfe5672c069d6ed3a62dfc3370fdfbc80b6de434)
(cherry picked from commit 5109649b65206ca6abd823fe2ccf07925e36d71b)
(cherry picked from commit 01e7c1682b544266f7b85d58127e878484ea46b0)
(cherry picked from commit ee4849d06b7db4dbb0bed9696c548ace8f8d8313)
(cherry picked from commit 1b0c07506acadd615c560cbaa67f4bcb17132c24)
(cherry picked from commit 1a30b62ac7c23dd12aee88f0b90d8a715c652475)
(cherry picked from commit 3a376837d591f09e79b7c706aefa75853a777230)
(cherry picked from commit f0e537b956efde03e97d04f77b9dda62c9c3251c)
Change-Id: Ib9f62be3acc05f24ca234dec0fec21e24579e9de
diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx
b/dbaccess/source/core/dataaccess/ModelImpl.cxx
index 7c175ab5eeb5..1866e75f865e 100644
--- a/dbaccess/source/core/dataaccess/ModelImpl.cxx
+++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx
@@ -1053,7 +1053,8 @@ bool ODatabaseModelImpl::checkMacrosOnLoading()
{
Reference< XInteractionHandler > xInteraction;
xInteraction = m_aMediaDescriptor.getOrDefault( "InteractionHandler",
xInteraction );
- return m_aMacroMode.checkMacrosOnLoading( xInteraction );
+ const bool bHasMacros = m_aMacroMode.hasMacros();
+ return m_aMacroMode.checkMacrosOnLoading(xInteraction, false
/*HasValidContentSignature*/, bHasMacros);
}
void ODatabaseModelImpl::resetMacroExecutionMode()
diff --git a/include/sfx2/docmacromode.hxx b/include/sfx2/docmacromode.hxx
index 19199f7a410e..923b5c631046 100644
--- a/include/sfx2/docmacromode.hxx
+++ b/include/sfx2/docmacromode.hxx
@@ -259,7 +259,10 @@ namespace sfx2
*/
static bool storageHasMacros( const css::uno::Reference<
css::embed::XStorage >& _rxStorage );
+ bool hasMacros() const;
+
static bool containerHasBasicMacros( const css::uno::Reference<
css::script::XLibraryContainer >& xContainter );
+
/** checks the macro execution mode while loading the document.
This must be called when the loading is effectively finished, but
before any macro action
@@ -286,7 +289,7 @@ namespace sfx2
bool
checkMacrosOnLoading(
const css::uno::Reference< css::task::XInteractionHandler
>& _rxInteraction,
- bool bHasValidContentSignature = false
+ bool bHasValidContentSignature, bool bHasMacros
);
private:
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 7f14bce2f0c8..964e8f319037 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -437,6 +437,9 @@ public:
void SetMacroCallsSeenWhileLoading();
bool GetMacroCallsSeenWhileLoading() const;
+ // true if the document had macros (or similar) on load to trigger warning
user
+ bool GetHadCheckedMacrosOnLoad() const;
+
const css::uno::Sequence< css::beans::PropertyValue >&
GetModifyPasswordInfo() const;
bool SetModifyPasswordInfo( const
css::uno::Sequence< css::beans::PropertyValue >& aInfo );
diff --git a/sc/source/core/data/global.cxx b/sc/source/core/data/global.cxx
index 6a59a30e56b5..47c6eb350c5e 100644
--- a/sc/source/core/data/global.cxx
+++ b/sc/source/core/data/global.cxx
@@ -27,12 +27,16 @@
#include <sfx2/docfile.hxx>
#include <sfx2/dispatch.hxx>
#include <sfx2/objsh.hxx>
+#include <sfx2/sfxresid.hxx>
+#include <sfx2/sfxsids.hrc>
+#include <sfx2/strings.hrc>
#include <sfx2/viewfrm.hxx>
#include <sfx2/viewsh.hxx>
#include <svl/stritem.hxx>
#include <svl/zforlist.hxx>
#include <svl/zformat.hxx>
#include <vcl/virdev.hxx>
+#include <vcl/weld.hxx>
#include <vcl/settings.hxx>
#include <unotools/charclass.hxx>
#include <unotools/securityoptions.hxx>
@@ -807,7 +811,7 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget)
OUString aUrlName( rURL );
SfxViewFrame* pFrame = nullptr;
- const SfxObjectShell* pObjShell = nullptr;
+ SfxObjectShell* pObjShell = nullptr;
OUString aReferName;
if ( pScActiveViewShell )
{
@@ -841,6 +845,35 @@ void ScGlobal::OpenURL(const OUString& rURL, const
OUString& rTarget)
aUrlName = aNewUrlName;
}
+ if (INetURLObject(aUrlName).IsExoticProtocol())
+ {
+ // Default to ignoring exotic protocols
+ bool bAllow = false;
+ if (pObjShell)
+ {
+ // If the document had macros when loaded then follow the allowed
macro-mode
+ if (pObjShell->GetHadCheckedMacrosOnLoad())
+ bAllow = pObjShell->AdjustMacroMode();
+ else // otherwise ask the user, defaulting to cancel
+ {
+ assert(pFrame && "if we have pObjShell we have pFrame");
+ //Reuse URITools::onOpenURI warning string
+ std::unique_ptr<weld::MessageDialog>
xQueryBox(Application::CreateMessageDialog(pFrame->GetFrameWeld(),
+
VclMessageType::Warning, VclButtonsType::YesNo,
+
SfxResId(STR_DANGEROUS_TO_OPEN)));
+
xQueryBox->set_primary_text(xQueryBox->get_primary_text().replaceFirst("$(ARG1)",
+ INetURLObject::decode(aUrlName,
INetURLObject::DecodeMechanism::Unambiguous)));
+ xQueryBox->set_default_response(RET_NO);
+ bAllow = xQueryBox->run() == RET_YES;
+ }
+ }
+ if (!bAllow)
+ {
+ SAL_WARN("sc", "ScGlobal::OpenURL ignoring: " << aUrlName);
+ return;
+ }
+ }
+
SfxStringItem aUrl( SID_FILE_NAME, aUrlName );
SfxStringItem aTarget( SID_TARGETNAME, rTarget );
if ( nScClickMouseModifier & KEY_SHIFT ) // control-click -> into new
window
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index 7c414be4347b..8462298f680f 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -399,8 +399,12 @@ namespace sfx2
return bHasMacros;
}
+ bool DocumentMacroMode::hasMacros() const
+ {
+ return m_xData->m_rDocumentAccess.documentStorageHasMacros() ||
hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading();
+ }
- bool DocumentMacroMode::checkMacrosOnLoading( const Reference<
XInteractionHandler >& rxInteraction, bool bHasValidContentSignature )
+ bool DocumentMacroMode::checkMacrosOnLoading( const Reference<
XInteractionHandler >& rxInteraction, bool bHasValidContentSignature, bool
bHasMacros )
{
bool bAllow = false;
if ( SvtSecurityOptions().IsMacroDisabled() )
@@ -410,7 +414,7 @@ namespace sfx2
}
else
{
- if (m_xData->m_rDocumentAccess.documentStorageHasMacros() ||
hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
+ if (bHasMacros)
{
if (m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
m_bNeedsContentSigned = true;
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index f6950a247503..00ccc525f679 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -929,9 +929,15 @@ void SfxObjectShell::CheckSecurityOnLoading_Impl()
// check macro security
const bool bHasValidContentSignature = HasValidSignatures();
- pImpl->aMacroMode.checkMacrosOnLoading( xInteraction,
bHasValidContentSignature );
+ const bool bHasMacros = pImpl->aMacroMode.hasMacros();
+ pImpl->aMacroMode.checkMacrosOnLoading( xInteraction,
bHasValidContentSignature, bHasMacros );
+ pImpl->m_bHadCheckedMacrosOnLoad = bHasMacros;
}
+bool SfxObjectShell::GetHadCheckedMacrosOnLoad() const
+{
+ return pImpl->m_bHadCheckedMacrosOnLoad;
+}
void SfxObjectShell::CheckEncryption_Impl( const uno::Reference<
task::XInteractionHandler >& xHandler )
{
diff --git a/sfx2/source/doc/objxtor.cxx b/sfx2/source/doc/objxtor.cxx
index d3e83c67b6a2..7c63d8e5baaa 100644
--- a/sfx2/source/doc/objxtor.cxx
+++ b/sfx2/source/doc/objxtor.cxx
@@ -232,6 +232,7 @@ SfxObjectShell_Impl::SfxObjectShell_Impl( SfxObjectShell&
_rDocShell )
,m_bAllowShareControlFileClean( true )
,m_bConfigOptionsChecked( false )
,m_bMacroCallsSeenWhileLoading( false )
+ ,m_bHadCheckedMacrosOnLoad( false )
,lErr(ERRCODE_NONE)
,nEventId ( SfxEventHintId::NONE )
,pReloadTimer ( nullptr)
diff --git a/sfx2/source/inc/objshimp.hxx b/sfx2/source/inc/objshimp.hxx
index 848775ef2f47..806ed83a1640 100644
--- a/sfx2/source/inc/objshimp.hxx
+++ b/sfx2/source/inc/objshimp.hxx
@@ -91,7 +91,8 @@ struct SfxObjectShell_Impl : public
::sfx2::IMacroDocumentAccess
m_bSharedXMLFlag:1, // whether the document should be
edited in shared mode
m_bAllowShareControlFileClean:1, // whether the flag
should be stored in xml file
m_bConfigOptionsChecked:1, // whether or not the user
options are checked after the Options dialog is closed.
- m_bMacroCallsSeenWhileLoading:1; // whether or not the
user options are checked after the Options dialog is closed.
+ m_bMacroCallsSeenWhileLoading:1, // whether or not
macro calls were seen when loading document.
+ m_bHadCheckedMacrosOnLoad:1; // if document contained
macros (or calls) when loaded
IndexBitSet aBitSet;
ErrCode lErr;
commit b723a1b0c76a1a8a3e696f762e1493da94aabb58
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Sat Nov 4 19:57:51 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:27:21 2023 +0000
warn about exotic protocols as well
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158902
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit aafe05584e601236e84a165f2816b187189cfb77)
(cherry picked from commit 799f0225d7171e6c04324ace1f31c7fe976662a4)
(cherry picked from commit ae06669597e5a485676ba4394822cba8bb88d394)
(cherry picked from commit a7138808fbb8eb263af436ee4227cbe9c829b676)
(cherry picked from commit 19316aacbb9f1774565a157d21e70c88c490cef6)
(cherry picked from commit 13c0bdee068ad4af1f4e03461580ec7bddeb0d63)
(cherry picked from commit f7f3aab1c9f49a4e56711c7fd3b32da793b00a43)
Change-Id: I50dcf4f36cd20d75f5ad3876353143268740a50f
(cherry picked from commit 881db19f9d4adb03584b37193a6bf88e12f7fbc6)
diff --git a/sw/source/filter/html/htmlplug.cxx
b/sw/source/filter/html/htmlplug.cxx
index 66ab72cf395a..138daa668dd6 100644
--- a/sw/source/filter/html/htmlplug.cxx
+++ b/sw/source/filter/html/htmlplug.cxx
@@ -1089,7 +1089,7 @@ void SwHTMLParser::InsertFloatingFrame()
OUString sHRef = aFrameDesc.GetURL().GetMainURL(
INetURLObject::DecodeMechanism::NONE );
- if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(sHRef).IsExoticProtocol())
NotifyMacroEventRead();
xSet->setPropertyValue("FrameURL", uno::makeAny( sHRef ) );
diff --git a/sw/source/filter/xml/xmltexti.cxx
b/sw/source/filter/xml/xmltexti.cxx
index ad2e26e7039c..c958ed635083 100644
--- a/sw/source/filter/xml/xmltexti.cxx
+++ b/sw/source/filter/xml/xmltexti.cxx
@@ -858,7 +858,7 @@ uno::Reference< XPropertySet >
SwXMLTextImportHelper::createAndInsertFloatingFra
OUString sHRef = URIHelper::SmartRel2Abs(
INetURLObject( GetXMLImport().GetBaseURL() ),
rHRef );
- if (INetURLObject(sHRef).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(sHRef).IsExoticProtocol())
GetXMLImport().NotifyMacroEventRead();
xSet->setPropertyValue("FrameURL",
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 4b2ca2ee9917..c755abb4a1f6 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4961,7 +4961,8 @@ bool INetURLObject::IsExoticProtocol() const
return m_eScheme == INetProtocol::Slot ||
m_eScheme == INetProtocol::Macro ||
m_eScheme == INetProtocol::Uno ||
- isSchemeEqualTo(u"vnd.sun.star.script");
+ isSchemeEqualTo(u"vnd.sun.star.script") ||
+ isSchemeEqualTo(u"service");
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmloff/source/draw/ximpshap.cxx b/xmloff/source/draw/ximpshap.cxx
index 12f0b9af142a..64704f4c4b0d 100644
--- a/xmloff/source/draw/ximpshap.cxx
+++ b/xmloff/source/draw/ximpshap.cxx
@@ -3277,7 +3277,7 @@ void SdXMLFloatingFrameShapeContext::StartElement( const
css::uno::Reference< cs
if( !maHref.isEmpty() )
{
- if (INetURLObject(maHref).GetProtocol() == INetProtocol::Macro)
+ if (INetURLObject(maHref).IsExoticProtocol())
GetImport().NotifyMacroEventRead();
xProps->setPropertyValue("FrameURL", Any(maHref) );
commit 0d4ef50d02b63414a654f282a91b84f63edfe88d
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 17:14:26 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:27:12 2023 +0000
add some protocols that don't make sense as floating frame targets
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158910
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 11ebdfef16501c6d35c3e3d0d62507f706557c71)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158901
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit 73e90d15c48a8f148e4e8f024cdf1b397efbcc53)
(cherry picked from commit b35aa37a5d1f32a419e7f311e415615808731acd)
(cherry picked from commit 421be99a6b101ac4ec91ad95b48c50fa17e47d36)
(cherry picked from commit fa390145228c9b9a044698fe4b7636c05210fda3)
(cherry picked from commit e549b65636b31971d8fb7fafc92e683bdef35cb6)
(cherry picked from commit eb42c9ad6473fb84fb5c02e522efe01e68e3ce43)
(cherry picked from commit adb38d113f86b9972b2a3aa9fa67620f854526fa)
Change-Id: Id900a5eef248731d1184c1df501a2cf7a2de7eb9
(cherry picked from commit f682a61d5cef2d48a10d582a8109e2aa79cc35c6)
diff --git a/include/tools/urlobj.hxx b/include/tools/urlobj.hxx
index 84556aa4a609..c069b4fb5e1c 100644
--- a/include/tools/urlobj.hxx
+++ b/include/tools/urlobj.hxx
@@ -946,6 +946,11 @@ public:
void changeScheme(INetProtocol eTargetScheme);
+ // INetProtocol::Macro, INetProtocol::Uno, INetProtocol::Slot,
+ // vnd.sun.star.script, etc. All the types of URLs which shouldn't
+ // be accepted from an outside controlled source
+ bool IsExoticProtocol() const;
+
private:
// General Structure:
diff --git a/sfx2/source/doc/iframe.cxx b/sfx2/source/doc/iframe.cxx
index 04f251087a16..7fea5b6fe5bf 100644
--- a/sfx2/source/doc/iframe.cxx
+++ b/sfx2/source/doc/iframe.cxx
@@ -38,6 +38,7 @@
#include <rtl/ref.hxx>
#include <svtools/miscopt.hxx>
#include <svl/ownlist.hxx>
+#include <sal/log.hxx>
#include <svl/itemprop.hxx>
#include <sfx2/docfile.hxx>
#include <sfx2/frmdescr.hxx>
@@ -168,8 +169,11 @@ sal_Bool SAL_CALL IFrameObject::load(
xTrans->parseStrict( aTargetURL );
INetURLObject aURLObject(aTargetURL.Complete);
- if (aURLObject.GetProtocol() == INetProtocol::Macro ||
aURLObject.isSchemeEqualTo(u"vnd.sun.star.script"))
+ if (aURLObject.IsExoticProtocol())
+ {
+ SAL_WARN("sfx", "IFrameObject::load ignoring: " <<
aTargetURL.Complete);
return false;
+ }
uno::Reference<frame::XFramesSupplier> xParentFrame =
xFrame->getCreator();
SfxObjectShell* pDoc = SfxMacroLoader::GetObjectShell(xParentFrame);
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 2abdfff07b05..4b2ca2ee9917 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4956,4 +4956,12 @@ OUString INetURLObject::CutExtension()
? aTheExtension : OUString();
}
+bool INetURLObject::IsExoticProtocol() const
+{
+ return m_eScheme == INetProtocol::Slot ||
+ m_eScheme == INetProtocol::Macro ||
+ m_eScheme == INetProtocol::Uno ||
+ isSchemeEqualTo(u"vnd.sun.star.script");
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit ba2cefc4cb8f8ed3c89cd195bb8d2eb4417b1b61
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 3 14:20:07 2023 +0000
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun Dec 3 21:26:07 2023 +0000
escape url passed to gstreamer
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158895
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit 2ee1167da1952b133280db2ae26eed6bf0303bc2)
(cherry picked from commit a77d9c151f043f070512488d84f0b839f4ed4553)
(cherry picked from commit 2b896a0ba8818804b89735bd7c8991fa8eb3d7b5)
(cherry picked from commit 0f14350fe70907d4466bcef15bfe05865b37babd)
(cherry picked from commit 9b7df77e3491add0919d8de993df0f40d7c58a70)
(cherry picked from commit 714e464631533901314f3189ce293dca47bec20e)
(cherry picked from commit cc41f40d696cec7c3ecec147b899d45d09f4629c)
(cherry picked from commit b3299fe7ae71b0ed781284a49cb03e34af15fcc0)
Change-Id: I3c93ee34800cc8563370f75ef3ef6f8a9220e6ec
diff --git a/avmedia/source/gstreamer/gstframegrabber.cxx
b/avmedia/source/gstreamer/gstframegrabber.cxx
index def1018baeed..fddfad173ebd 100644
--- a/avmedia/source/gstreamer/gstframegrabber.cxx
+++ b/avmedia/source/gstreamer/gstframegrabber.cxx
@@ -56,18 +56,17 @@ void FrameGrabber::disposePipeline()
FrameGrabber::FrameGrabber( const OUString &rURL ) :
FrameGrabber_BASE()
{
- gchar *pPipelineStr;
- pPipelineStr = g_strdup_printf(
+ const char pPipelineStr[] =
#ifdef AVMEDIA_GST_0_10
- "uridecodebin uri=%s ! ffmpegcolorspace ! videoscale ! appsink "
+ "uridecodebin name=source ! ffmpegcolorspace ! videoscale ! appsink "
"name=sink caps=\"video/x-raw-rgb,format=RGB,pixel-aspect-ratio=1/1,"
"bpp=(int)24,depth=(int)24,endianness=(int)4321,"
- "red_mask=(int)0xff0000, green_mask=(int)0x00ff00,
blue_mask=(int)0x0000ff\"",
+ "red_mask=(int)0xff0000, green_mask=(int)0x00ff00,
blue_mask=(int)0x0000ff\""
#else
- "uridecodebin uri=%s ! videoconvert ! videoscale ! appsink "
- "name=sink caps=\"video/x-raw,format=RGB,pixel-aspect-ratio=1/1\"",
+ "uridecodebin name=source ! videoconvert ! videoscale ! appsink "
+ "name=sink caps=\"video/x-raw,format=RGB,pixel-aspect-ratio=1/1\""
#endif
- OUStringToOString( rURL, RTL_TEXTENCODING_UTF8 ).getStr() );
+ ;
GError *pError = nullptr;
mpPipeline = gst_parse_launch( pPipelineStr, &pError );
@@ -78,6 +77,12 @@ FrameGrabber::FrameGrabber( const OUString &rURL ) :
}
if( mpPipeline ) {
+
+ if (GstElement *pUriDecode = gst_bin_get_by_name(GST_BIN(mpPipeline),
"source"))
+ g_object_set(pUriDecode, "uri", OUStringToOString(rURL,
RTL_TEXTENCODING_UTF8).getStr(), nullptr);
+ else
+ g_warning("Missing 'source' element in gstreamer pipeline");
+
// pre-roll
switch( gst_element_set_state( mpPipeline, GST_STATE_PAUSED ) ) {
case GST_STATE_CHANGE_FAILURE:
