embeddedobj/Library_emboleobj.mk | 4 ++++
embeddedobj/source/commonembedding/xfactory.cxx | 16 ++++++++++++++++
embeddedobj/source/msole/xolefactory.cxx | 13 +++++++++++++
include/svtools/strings.hrc | 1 +
sc/source/ui/drawfunc/fuins2.cxx | 11 +++++++++++
sd/source/ui/func/fuinsert.cxx | 11 +++++++++++
sw/source/uibase/wrtsh/wrtsh1.cxx | 12 ++++++++++++
7 files changed, 68 insertions(+)
New commits:
commit 417f140effaea10674d280370223181cb0dc3e55
Author: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
AuthorDate: Wed Dec 20 12:46:54 2023 +0300
Commit: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
CommitDate: Thu Dec 21 10:14:22 2023 +0100
tdf#158375: adapt UI when embedded content is disabled via option
When DisableActiveContent is set, embedded active content is
disabled (e.g. OLE). Therefore the existing ui insertion bits don't
function either. Disable them with a warning pop-up hinting "Active
content is disabled."
Change-Id: I14984684f22df6aff81af79d5a15589b5cae75fc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161055
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
(cherry picked from commit 7bb50fd2398220c3b162e7242c1cc8d6c4c31463)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161028
Reviewed-by: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
diff --git a/include/svtools/strings.hrc b/include/svtools/strings.hrc
index 3aa1e9770d66..53cefc48d8ff 100644
--- a/include/svtools/strings.hrc
+++ b/include/svtools/strings.hrc
@@ -263,6 +263,7 @@
#define STR_FIELD_CALENDAR NC_("STR_FIELD_CALENDAR",
"Calendar")
#define STR_FIELD_INVITE NC_("STR_FIELD_INVITE",
"Invite")
+#define STR_WARNING_ACTIVE_CONTENT_DISABLED
NC_("STR_WARNING_ACTIVE_CONTENT_DISABLED", "Active content is disabled.")
#define STR_SVT_DEFAULT_SERVICE_LABEL
NC_("STR_SVT_DEFAULT_SERVICE_LABEL", "$user$'s $service$")
#define STR_WARNING_JAVANOTFOUND
NC_("STR_WARNING_JAVANOTFOUND", "%PRODUCTNAME requires a Java runtime
environment (JRE) to perform this task. Please install a JRE and restart
%PRODUCTNAME. %FAQLINK")
diff --git a/sc/source/ui/drawfunc/fuins2.cxx b/sc/source/ui/drawfunc/fuins2.cxx
index 07d076fe26d6..959424b40b87 100644
--- a/sc/source/ui/drawfunc/fuins2.cxx
+++ b/sc/source/ui/drawfunc/fuins2.cxx
@@ -32,6 +32,8 @@
#include <unotools/moduleoptions.hxx>
#include <svtools/insdlg.hxx>
#include <svtools/embedhlp.hxx>
+#include <svtools/strings.hrc>
+#include <svtools/svtresid.hxx>
#include <svx/svxdlg.hxx>
#include <comphelper/classids.hxx>
#include <svx/svdpagv.hxx>
@@ -57,6 +59,7 @@
#include <com/sun/star/chart/ChartDataRowSource.hpp>
#include <cppuhelper/bootstrap.hxx>
#include <svtools/dialogclosedlistener.hxx>
+#include <officecfg/Office/Common.hxx>
#include <PivotTableDataProvider.hxx>
#include <chart2uno.hxx>
@@ -252,6 +255,14 @@ FuInsertOLE::FuInsertOLE(ScTabViewShell& rViewSh,
vcl::Window* pWin, ScDrawView*
switch ( nSlot )
{
case SID_INSERT_OBJECT :
+ if
(officecfg::Office::Common::Security::Scripting::DisableActiveContent::get())
+ {
+ std::unique_ptr<weld::MessageDialog>
xError(Application::CreateMessageDialog(
+ nullptr, VclMessageType::Warning, VclButtonsType::Ok,
+ SvtResId(STR_WARNING_ACTIVE_CONTENT_DISABLED)));
+ xError->run();
+ break;
+ }
aServerLst.FillInsertObjects();
aServerLst.Remove( ScDocShell::Factory().GetClassId() ); //
Do not show Starcalc
//TODO/LATER: currently no inserting of ClassId into
SfxRequest!
diff --git a/sd/source/ui/func/fuinsert.cxx b/sd/source/ui/func/fuinsert.cxx
index 5f80abc89ebd..31b286c822e3 100644
--- a/sd/source/ui/func/fuinsert.cxx
+++ b/sd/source/ui/func/fuinsert.cxx
@@ -42,6 +42,8 @@
#include <sfx2/request.hxx>
#include <svl/globalnameitem.hxx>
#include <svtools/embedhlp.hxx>
+#include <svtools/strings.hrc>
+#include <svtools/svtresid.hxx>
#include <svx/linkwarn.hxx>
#include <avmedia/mediawindow.hxx>
#include <comphelper/classids.hxx>
@@ -453,6 +455,15 @@ void FuInsertOLE::DoExecute( SfxRequest& rReq )
{
case SID_INSERT_OBJECT :
{
+ if
(officecfg::Office::Common::Security::Scripting::DisableActiveContent::get())
+ {
+ std::unique_ptr<weld::MessageDialog> xError(
+ Application::CreateMessageDialog(
+ nullptr, VclMessageType::Warning,
VclButtonsType::Ok,
+
SvtResId(STR_WARNING_ACTIVE_CONTENT_DISABLED)));
+ xError->run();
+ break;
+ }
aServerLst.FillInsertObjects();
if (mpDoc->GetDocumentType() == DocumentType::Draw)
{
diff --git a/sw/source/uibase/wrtsh/wrtsh1.cxx
b/sw/source/uibase/wrtsh/wrtsh1.cxx
index 912283dd20fc..4b2402fc93c8 100644
--- a/sw/source/uibase/wrtsh/wrtsh1.cxx
+++ b/sw/source/uibase/wrtsh/wrtsh1.cxx
@@ -89,6 +89,7 @@
#include <vcl/uitest/eventdescription.hxx>
#include <osl/diagnose.h>
#include <o3tl/unit_conversion.hxx>
+#include <officecfg/Office/Common.hxx>
#include <PostItMgr.hxx>
#include <FrameControlsManager.hxx>
@@ -100,6 +101,8 @@
#include <sfx2/msgpool.hxx>
#include <sfx2/msg.hxx>
#include <svtools/embedhlp.hxx>
+#include <svtools/strings.hrc>
+#include <svtools/svtresid.hxx>
#include <svx/postattr.hxx>
#include <comphelper/lok.hxx>
#include <comphelper/propertyvalue.hxx>
@@ -433,6 +436,15 @@ void SwWrtShell::InsertObject( const
svt::EmbeddedObjectRef& xRef, SvGlobalName
{
case SID_INSERT_OBJECT:
{
+ if
(officecfg::Office::Common::Security::Scripting::DisableActiveContent::get())
+ {
+ std::unique_ptr<weld::MessageDialog> xError(
+ Application::CreateMessageDialog(
+ nullptr, VclMessageType::Warning,
VclButtonsType::Ok,
+
SvtResId(STR_WARNING_ACTIVE_CONTENT_DISABLED)));
+ xError->run();
+ break;
+ }
aServerList.FillInsertObjects();
aServerList.Remove( SwDocShell::Factory().GetClassId() );
[[fallthrough]];
commit 24dae717996fe976c6d86b13a8b7b60cb74ca066
Author: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
AuthorDate: Mon Dec 18 16:23:27 2023 +0300
Commit: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
CommitDate: Thu Dec 21 10:14:10 2023 +0100
tdf#158375: further disable embedded objects
there was the possibility of constructing an OOoEmbeddedObjectFactory
or OleEmbeddedObjectFactory directly instead of
UNOEmbeddedObjectCreator.
So disable all createInstance calls for them too. Securing there won't
be active embedded objects.
Change-Id: Ib47ad920d4951790c12d1a8587505cab2f1e126d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160921
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
(cherry picked from commit 488fa4a226b5250379538123e485c8c08dd2092a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161027
Reviewed-by: Sarper Akdemir <sarper.akdemir.ext...@allotropia.de>
diff --git a/embeddedobj/Library_emboleobj.mk b/embeddedobj/Library_emboleobj.mk
index b7fde953c466..d92f86f2c7d3 100644
--- a/embeddedobj/Library_emboleobj.mk
+++ b/embeddedobj/Library_emboleobj.mk
@@ -10,6 +10,10 @@
$(eval $(call gb_Library_Library,emboleobj))
+$(eval $(call gb_Library_use_custom_headers,emboleobj,\
+ officecfg/registry \
+))
+
$(eval $(call
gb_Library_set_componentfile,emboleobj,embeddedobj/source/msole/emboleobj$(if
$(filter WNT,$(OS)),.windows),services))
$(eval $(call gb_Library_set_include,emboleobj,\
diff --git a/embeddedobj/source/commonembedding/xfactory.cxx
b/embeddedobj/source/commonembedding/xfactory.cxx
index c6f57aa9c643..1460b31fd54b 100644
--- a/embeddedobj/source/commonembedding/xfactory.cxx
+++ b/embeddedobj/source/commonembedding/xfactory.cxx
@@ -23,9 +23,11 @@
#include <com/sun/star/beans/NamedValue.hpp>
#include <com/sun/star/container/XNameAccess.hpp>
#include <com/sun/star/io/IOException.hpp>
+#include <com/sun/star/lang/NoSupportException.hpp>
#include <cppuhelper/supportsservice.hxx>
#include <cppuhelper/weak.hxx>
#include <comphelper/documentconstants.hxx>
+#include <officecfg/Office/Common.hxx>
#include "xfactory.hxx"
#include <commonembobj.hxx>
@@ -41,6 +43,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const
uno::Sequence< beans::PropertyValue >& aMediaDescr,
const
uno::Sequence< beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -118,6 +122,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const uno::Sequence< beans::PropertyValue >& aMediaDescr,
const uno::Sequence< beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -169,6 +175,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const OUString& sEntName,
const uno::Sequence<
beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
uno::Reference< uno::XInterface > xResult;
if ( !xStorage.is() )
@@ -212,6 +220,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const uno::Sequence< beans::PropertyValue >& lObjArgs )
{
// the initialization is completely controlled by user
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
uno::Reference< uno::XInterface >(
static_cast< ::cppu::OWeakObject* >(this) ),
@@ -257,6 +267,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const uno::Sequence<
beans::PropertyValue >& aMediaDescr,
const uno::Sequence<
beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
uno::Reference< uno::XInterface > xResult;
uno::Sequence< beans::PropertyValue > aTempMedDescr( aMediaDescr );
@@ -302,6 +314,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoEmbeddedObjectFactory::createInsta
const uno::Sequence<
beans::PropertyValue >& lArguments,
const uno::Sequence<
beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
uno::Reference< uno::XInterface > xResult;
// the initialization is completely controlled by user
@@ -381,6 +395,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OOoSpecialEmbeddedObjectFactory::crea
const uno::Sequence< beans::PropertyValue >& /*lArguments*/,
const uno::Sequence< beans::PropertyValue >& /*lObjArgs*/ )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active embedded content is disabled!");
uno::Sequence< beans::NamedValue > aObject =
m_aConfigHelper.GetObjectPropsByClassID( aClassID );
if ( !aObject.hasElements() )
throw io::IOException(); // unexpected mimetype of the storage
diff --git a/embeddedobj/source/msole/xolefactory.cxx
b/embeddedobj/source/msole/xolefactory.cxx
index 1a7728ef8cdd..735e1438c5f8 100644
--- a/embeddedobj/source/msole/xolefactory.cxx
+++ b/embeddedobj/source/msole/xolefactory.cxx
@@ -22,6 +22,7 @@
#include <com/sun/star/container/XNameAccess.hpp>
#include <com/sun/star/embed/Aspects.hpp>
#include <com/sun/star/io/IOException.hpp>
+#include <com/sun/star/lang/NoSupportException.hpp>
#include <com/sun/star/lang/IllegalArgumentException.hpp>
#include "xolefactory.hxx"
@@ -30,6 +31,8 @@
#include <cppuhelper/supportsservice.hxx>
#include <cppuhelper/weak.hxx>
+#include <officecfg/Office/Common.hxx>
+
using namespace ::com::sun::star;
// TODO: do not create OLE objects that represent OOo documents
@@ -41,6 +44,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OleEmbeddedObjectFactory::createInsta
const
uno::Sequence< beans::PropertyValue >& aMedDescr,
const
uno::Sequence< beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active OLE content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -101,6 +106,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OleEmbeddedObjectFactory::createInsta
const uno::Sequence< beans::PropertyValue >& aMediaDescr,
const uno::Sequence< beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active OLE content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -133,6 +140,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OleEmbeddedObjectFactory::createInsta
const OUString& sEntName,
const uno::Sequence<
beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active OLE content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -164,6 +173,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OleEmbeddedObjectFactory::createInsta
const uno::Sequence<
beans::PropertyValue >& aMediaDescr,
const uno::Sequence<
beans::PropertyValue >& lObjArgs )
{
+ if (
officecfg::Office::Common::Security::Scripting::DisableActiveContent::get() )
+ throw lang::NoSupportException("Active OLE content is disabled!");
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
static_cast< ::cppu::OWeakObject*
>(this),
@@ -198,6 +209,8 @@ uno::Reference< uno::XInterface > SAL_CALL
OleEmbeddedObjectFactory::createInsta
const uno::Sequence< beans::PropertyValue >& /*lArguments*/,
const uno::Sequence< beans::PropertyValue >& lObjArgs )
{
+ if
(officecfg::Office::Common::Security::Scripting::DisableActiveContent::get())
+ throw lang::NoSupportException("Active OLE content is disabled!");
// the initialization is completely controlled by user
if ( !xStorage.is() )
throw lang::IllegalArgumentException( "No parent storage is provided!",
