avmedia/source/viewer/mediawindow_impl.cxx | 11 +++--
editeng/source/items/frmitems.cxx | 9 +++-
embeddedobj/source/commonembedding/persistence.cxx | 8 +++
forms/source/component/ImageControl.cxx | 7 +++
forms/source/component/clickableimage.cxx | 11 +++--
include/toolkit/controls/unocontrols.hxx | 2
include/toolkit/helper/property.hxx | 1
sfx2/source/appl/linkmgr2.cxx | 5 +-
sw/source/filter/html/htmlgrin.cxx | 3 -
toolkit/source/awt/vclxwindows.cxx | 1
toolkit/source/controls/dialogcontrol.cxx | 4 -
toolkit/source/controls/unocontrols.cxx | 14 ++++--
toolkit/source/helper/property.cxx | 2
tools/qa/cppunit/test_urlobj.cxx | 44 +++++++++++++++++++++
tools/source/fsys/urlobj.cxx | 31 ++++++++++++--
unotools/source/misc/mediadescriptor.cxx | 3 +
vcl/source/filter/graphicfilter.cxx | 8 +++
xmloff/source/forms/elementimport.cxx | 9 ++++
18 files changed, 149 insertions(+), 24 deletions(-)
New commits:
commit eab0da77dfb4a54d14968eb72532e045bfffa0fb
Author: Stephan Bergmann <stephan.bergm...@allotropia.de>
AuthorDate: Sat Dec 7 17:36:22 2024 +0100
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Dec 11 17:13:02 2024 +0100
Fix check for further exotic protocols
...that were added in 59891cd3985469bc44dbd05c9fc704eeb07f0c78 "look at
'embedded' protocols for protocols that support them"
Change-Id: I42836d6fd27cd99e39ab07e626053f002a2651f5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178047
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
(cherry picked from commit 8075798b22f2188530f57b8747589923bfd419ef)
diff --git a/tools/qa/cppunit/test_urlobj.cxx b/tools/qa/cppunit/test_urlobj.cxx
index 127e01067ec8..5d39af0a7568 100644
--- a/tools/qa/cppunit/test_urlobj.cxx
+++ b/tools/qa/cppunit/test_urlobj.cxx
@@ -302,6 +302,49 @@ namespace tools_urlobj
obj.GetMainURL(INetURLObject::DecodeMechanism::NONE));
}
+ void testIsExoticProtocol() {
+ {
+ INetURLObject url(u"vnd.sun.star.pkg://slot%3A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.pkg://vnd.sun.star.pkg%3A%2F%2Fslot%253A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.pkg://http%3A%2F%2Fexample.net");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(!url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0/foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0?foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0#foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.zip://http%3A%2F%2Fexample.net");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(!url.IsExoticProtocol());
+ }
+ }
+
// Change the following lines only, if you add, remove or rename
// member functions of the current class,
// because these macros are need by auto register mechanism.
@@ -316,6 +359,7 @@ namespace tools_urlobj
CPPUNIT_TEST( urlobjTest_isAnyKnownWebDAVScheme );
CPPUNIT_TEST( testSetName );
CPPUNIT_TEST( testSetExtension );
+ CPPUNIT_TEST( testIsExoticProtocol );
CPPUNIT_TEST_SUITE_END( );
}; // class createPool
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index e38b2f1bc976..e13de738f05e 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4782,10 +4782,21 @@ bool INetURLObject::IsExoticProtocol() const
{
return true;
}
- if (isSchemeEqualTo(u"vnd.sun.star.pkg") ||
isSchemeEqualTo(u"vnd.sun.star.zip"))
+ if (m_eScheme == INetProtocol::VndSunStarPkg) {
+ return
INetURLObject(GetHost(INetURLObject::DecodeMechanism::WithCharset))
+ .IsExoticProtocol();
+ }
+ if (isSchemeEqualTo(u"vnd.sun.star.zip"))
{
- OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
- return sPayloadURL.startsWith(u"//") &&
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+ OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::NONE);
+ if (!sPayloadURL.startsWith(u"//")) {
+ return false;
+ }
+ auto const find = [&sPayloadURL](auto c) {
+ auto const n = sPayloadURL.indexOf(c, 2);
+ return n == -1 ? sPayloadURL.getLength() : n;
+ };
+ return INetURLObject(decode(sPayloadURL.copy(2, std::min(find('/'),
find('?')) - 2),
INetURLObject::DecodeMechanism::WithCharset)).IsExoticProtocol();
}
return false;
}
commit 4915889ab56bc946264c257391ba6eeedfdfad95
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Dec 6 14:41:19 2024 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Dec 11 17:08:02 2024 +0100
look at 'embedded' protocols too
Change-Id: Ie99f5f5a390639bdc69397c831e0a32594a5030c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177981
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 59891cd3985469bc44dbd05c9fc704eeb07f0c78)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177987
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
(cherry picked from commit b63aa51c55244ee67410201fa5e7c003427b1009)
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index d95a874a8c2d..e38b2f1bc976 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4773,12 +4773,21 @@ OUString INetURLObject::CutExtension()
bool INetURLObject::IsExoticProtocol() const
{
- return m_eScheme == INetProtocol::Slot ||
- m_eScheme == INetProtocol::Macro ||
- m_eScheme == INetProtocol::Uno ||
- m_eScheme == INetProtocol::VndSunStarExpand ||
- isSchemeEqualTo(u"vnd.sun.star.script") ||
- isSchemeEqualTo(u"service");
+ if (m_eScheme == INetProtocol::Slot ||
+ m_eScheme == INetProtocol::Macro ||
+ m_eScheme == INetProtocol::Uno ||
+ m_eScheme == INetProtocol::VndSunStarExpand ||
+ isSchemeEqualTo(u"vnd.sun.star.script") ||
+ isSchemeEqualTo(u"service"))
+ {
+ return true;
+ }
+ if (isSchemeEqualTo(u"vnd.sun.star.pkg") ||
isSchemeEqualTo(u"vnd.sun.star.zip"))
+ {
+ OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
+ return sPayloadURL.startsWith(u"//") &&
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+ }
+ return false;
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit a22d185ef7d141676e8a4db15471bfe6d283cb8c
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 15 12:30:39 2024 +0000
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Dec 11 16:53:33 2024 +0100
consider VndSunStarExpand an exotic protocol
and generally don't bother with it when fetching data
from urls
Change-Id: I51a2601c6fb7d6c32f9e2d1286ee0d3b05b370b9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176797
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit d6c89af2598e866aa9cb4fa3600691fb558befdb)
diff --git a/avmedia/source/viewer/mediawindow_impl.cxx
b/avmedia/source/viewer/mediawindow_impl.cxx
index 70cc871854d6..98256a55b099 100644
--- a/avmedia/source/viewer/mediawindow_impl.cxx
+++ b/avmedia/source/viewer/mediawindow_impl.cxx
@@ -174,16 +174,19 @@ void MediaWindowImpl::dispose()
uno::Reference<media::XPlayer> MediaWindowImpl::createPlayer(const OUString&
rURL, const OUString& rReferer, const OUString* pMimeType)
{
- uno::Reference<media::XPlayer> xPlayer;
-
if( rURL.isEmpty() )
- return xPlayer;
+ return nullptr;
if (SvtSecurityOptions().isUntrustedReferer(rReferer))
{
- return xPlayer;
+ return nullptr;
}
+ if (INetURLObject(rURL).IsExoticProtocol())
+ return nullptr;
+
+ uno::Reference<media::XPlayer> xPlayer;
+
if (!pMimeType || *pMimeType == AVMEDIA_MIMETYPE_COMMON)
{
uno::Reference<uno::XComponentContext>
xContext(::comphelper::getProcessComponentContext());
diff --git a/editeng/source/items/frmitems.cxx
b/editeng/source/items/frmitems.cxx
index 7ee4258df96f..138e3e2f24ca 100644
--- a/editeng/source/items/frmitems.cxx
+++ b/editeng/source/items/frmitems.cxx
@@ -3116,6 +3116,13 @@ const GraphicObject*
SvxBrushItem::GetGraphicObject(OUString const & referer) co
return nullptr;
}
+ INetURLObject aGraphicURL( maStrLink );
+ if (aGraphicURL.IsExoticProtocol())
+ {
+ SAL_WARN("editeng", "Ignore exotic protocol: " << maStrLink);
+ return nullptr;
+ }
+
// tdf#94088 prepare graphic and state
Graphic aGraphic;
bool bGraphicLoaded = false;
@@ -3136,8 +3143,6 @@ const GraphicObject*
SvxBrushItem::GetGraphicObject(OUString const & referer) co
// a 'data:' scheme url and try to load that (embedded graphics)
if(!bGraphicLoaded)
{
- INetURLObject aGraphicURL( maStrLink );
-
if( INetProtocol::Data == aGraphicURL.GetProtocol() )
{
std::unique_ptr<SvMemoryStream> const
xMemStream(aGraphicURL.getData());
diff --git a/embeddedobj/source/commonembedding/persistence.cxx
b/embeddedobj/source/commonembedding/persistence.cxx
index f5444e16481a..5f322e20467d 100644
--- a/embeddedobj/source/commonembedding/persistence.cxx
+++ b/embeddedobj/source/commonembedding/persistence.cxx
@@ -52,6 +52,7 @@
#include <comphelper/mimeconfighelper.hxx>
#include <comphelper/namedvaluecollection.hxx>
#include <unotools/configmgr.hxx>
+#include <tools/urlobj.hxx>
#include <unotools/securityoptions.hxx>
#include <tools/diagnose_ex.h>
@@ -364,6 +365,13 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
{
sal_Int32 nLen = 2;
uno::Sequence< beans::PropertyValue > aArgs( nLen );
+
+ if (INetURLObject(m_aLinkURL).IsExoticProtocol())
+ {
+ SAL_WARN("embeddedobj.common", "Ignore exotic protocol: " <<
m_aLinkURL);
+ return nullptr;
+ }
+
aArgs[0].Name = "URL";
aArgs[0].Value <<= m_aLinkURL;
aArgs[1].Name = "FilterName";
diff --git a/forms/source/component/ImageControl.cxx
b/forms/source/component/ImageControl.cxx
index 4c45084a3527..b4cff02a5a42 100644
--- a/forms/source/component/ImageControl.cxx
+++ b/forms/source/component/ImageControl.cxx
@@ -397,7 +397,7 @@ bool OImageControlModel::impl_updateStreamForURL_lck( const
OUString& _rURL, Val
{
OUString referer;
getPropertyValue("Referer") >>= referer;
- if (SvtSecurityOptions().isUntrustedReferer(referer)) {
+ if (SvtSecurityOptions().isUntrustedReferer(referer) ||
INetURLObject(_rURL).IsExoticProtocol()) {
return false;
}
diff --git a/forms/source/component/clickableimage.cxx
b/forms/source/component/clickableimage.cxx
index 8f462aa88cc9..9c982a3932fa 100644
--- a/forms/source/component/clickableimage.cxx
+++ b/forms/source/component/clickableimage.cxx
@@ -699,7 +699,7 @@ namespace frm
// the SfxMedium is not allowed to be created with an invalid URL, so
we have to check this first
INetURLObject aUrl(rURL);
- if (INetProtocol::NotValid == aUrl.GetProtocol())
+ if (INetProtocol::NotValid == aUrl.GetProtocol() ||
aUrl.IsExoticProtocol())
// we treat an invalid URL like we would treat no URL
return;
diff --git a/sfx2/source/appl/linkmgr2.cxx b/sfx2/source/appl/linkmgr2.cxx
index 4f9c109a23d1..b3e60cf5c643 100644
--- a/sfx2/source/appl/linkmgr2.cxx
+++ b/sfx2/source/appl/linkmgr2.cxx
@@ -516,8 +516,11 @@ bool LinkManager::GetGraphicFromAny(const OUString&
rMimeType,
if (rValue.has<OUString>())
{
OUString sURL = rValue.get<OUString>();
- if (!SvtSecurityOptions().isUntrustedReferer(rReferer))
+ if (!SvtSecurityOptions().isUntrustedReferer(rReferer) &&
+ !INetURLObject(sURL).IsExoticProtocol())
+ {
rGraphic = vcl::graphic::loadFromURL(sURL, pParentWin);
+ }
if (rGraphic.IsNone())
rGraphic.SetDefaultType();
rGraphic.setOriginURL(sURL);
diff --git a/sw/source/filter/html/htmlgrin.cxx
b/sw/source/filter/html/htmlgrin.cxx
index a390ffc0368e..c1824846dca1 100644
--- a/sw/source/filter/html/htmlgrin.cxx
+++ b/sw/source/filter/html/htmlgrin.cxx
@@ -646,7 +646,8 @@ IMAGE_SETEVENT:
// bPrcWidth / bPrcHeight means we have a percent size. If that's not the
case and we have no
// size from nWidth / nHeight either, then inspect the image header.
- if ((!bPrcWidth && !nWidth) && (!bPrcHeight && !nHeight) &&
allowAccessLink(*m_xDoc))
+ if ((!bPrcWidth && !nWidth) && (!bPrcHeight && !nHeight) &&
allowAccessLink(*m_xDoc) &&
+ !aGraphicURL.IsExoticProtocol())
{
GraphicDescriptor aDescriptor(aGraphicURL);
if (aDescriptor.Detect(/*bExtendedInfo=*/true))
diff --git a/toolkit/source/controls/unocontrols.cxx
b/toolkit/source/controls/unocontrols.cxx
index c26706b1b4ee..dd351dd52f5d 100644
--- a/toolkit/source/controls/unocontrols.cxx
+++ b/toolkit/source/controls/unocontrols.cxx
@@ -33,6 +33,7 @@
#include <toolkit/controls/unocontrols.hxx>
#include <toolkit/helper/property.hxx>
#include <toolkit/helper/servicenames.hxx>
+#include <tools/urlobj.hxx>
#include <toolkit/helper/macros.hxx>
#include <unotools/securityoptions.hxx>
@@ -68,7 +69,7 @@ css::uno::Reference< css::graphic::XGraphic >
ImageHelper::getGraphicFromURL_nothrow( const OUString& _rURL, OUString const
& referer )
{
uno::Reference< graphic::XGraphic > xGraphic;
- if ( _rURL.isEmpty() || SvtSecurityOptions().isUntrustedReferer(referer) )
+ if ( _rURL.isEmpty() || SvtSecurityOptions().isUntrustedReferer(referer)
|| INetURLObject(_rURL).IsExoticProtocol())
return xGraphic;
try
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 1ef2b7e0b2af..d95a874a8c2d 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4776,6 +4776,7 @@ bool INetURLObject::IsExoticProtocol() const
return m_eScheme == INetProtocol::Slot ||
m_eScheme == INetProtocol::Macro ||
m_eScheme == INetProtocol::Uno ||
+ m_eScheme == INetProtocol::VndSunStarExpand ||
isSchemeEqualTo(u"vnd.sun.star.script") ||
isSchemeEqualTo(u"service");
}
diff --git a/unotools/source/misc/mediadescriptor.cxx
b/unotools/source/misc/mediadescriptor.cxx
index 1b830fb4e7d9..92c10d6948e2 100644
--- a/unotools/source/misc/mediadescriptor.cxx
+++ b/unotools/source/misc/mediadescriptor.cxx
@@ -600,6 +600,9 @@ bool MediaDescriptor::impl_openStreamWithPostData( const
css::uno::Reference< cs
/*-----------------------------------------------*/
bool MediaDescriptor::impl_openStreamWithURL( const OUString& sURL, bool
bLockFile )
{
+ if (INetURLObject(sURL).IsExoticProtocol())
+ return false;
+
OUString referer(getUnpackedValueOrDefault(PROP_REFERRER(), OUString()));
if (SvtSecurityOptions().isUntrustedReferer(referer)) {
return false;
diff --git a/vcl/source/filter/graphicfilter.cxx
b/vcl/source/filter/graphicfilter.cxx
index 468ff983c4f2..7d344e5b9c1a 100644
--- a/vcl/source/filter/graphicfilter.cxx
+++ b/vcl/source/filter/graphicfilter.cxx
@@ -1004,10 +1004,16 @@ ErrCode GraphicFilter::CanImportGraphic( const
OUString& rMainUrl, SvStream& rIS
ErrCode GraphicFilter::ImportGraphic( Graphic& rGraphic, const INetURLObject&
rPath,
sal_uInt16 nFormat, sal_uInt16 *
pDeterminedFormat, GraphicFilterImportFlags nImportFlags )
{
- ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
SAL_WARN_IF( rPath.GetProtocol() == INetProtocol::NotValid, "vcl.filter",
"GraphicFilter::ImportGraphic() : ProtType == INetProtocol::NotValid" );
OUString aMainUrl( rPath.GetMainURL(
INetURLObject::DecodeMechanism::NONE ) );
+ if (rPath.IsExoticProtocol())
+ {
+ SAL_WARN("vcl.filter", "GraphicFilter::ImportGraphic(), ignore exotic
protocol: " << aMainUrl);
+ return ERRCODE_GRFILTER_FORMATERROR;
+ }
+
+ ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
std::unique_ptr<SvStream> xStream(::utl::UcbStreamHelper::CreateStream(
aMainUrl, StreamMode::READ | StreamMode::SHARE_DENYNONE ));
if (xStream)
{
commit a32a6301e4ba0c979f5a6b593062749654f3c320
Author: Stephan Bergmann <stephan.bergm...@allotropia.de>
AuthorDate: Tue Jun 11 14:15:47 2024 +0200
Commit: Michael Stahl <michael.st...@allotropia.de>
CommitDate: Wed Dec 11 15:11:09 2024 +0100
Some missing "block untrusted referer links" for form controls
...where "Referer" is now passed in as an additional property, so that the
relevant objects can decide whether to obtain graphics while loading a
document
Change-Id: Ie3dabc574861713212b906a0d7793f438a7d50a8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168674
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <stephan.bergm...@allotropia.de>
(cherry picked from commit dc01a6e7efd3e4c41287dc10c7ea1fdfa1ab5cb5)
diff --git a/forms/source/component/ImageControl.cxx
b/forms/source/component/ImageControl.cxx
index 12d44e59e963..4c45084a3527 100644
--- a/forms/source/component/ImageControl.cxx
+++ b/forms/source/component/ImageControl.cxx
@@ -55,6 +55,7 @@
#include <comphelper/property.hxx>
#include <comphelper/types.hxx>
#include <cppuhelper/queryinterface.hxx>
+#include <unotools/securityoptions.hxx>
#include <unotools/ucbstreamhelper.hxx>
#include <svl/urihelper.hxx>
@@ -394,6 +395,12 @@ void OImageControlModel::read(const
Reference<XObjectInputStream>& _rxInStream)
bool OImageControlModel::impl_updateStreamForURL_lck( const OUString& _rURL,
ValueChangeInstigator _eInstigator )
{
+ OUString referer;
+ getPropertyValue("Referer") >>= referer;
+ if (SvtSecurityOptions().isUntrustedReferer(referer)) {
+ return false;
+ }
+
// create a stream for the image specified by the URL
std::unique_ptr< SvStream > pImageStream;
Reference< XInputStream > xImageStream;
diff --git a/forms/source/component/clickableimage.cxx
b/forms/source/component/clickableimage.cxx
index f3803d275bb7..8f462aa88cc9 100644
--- a/forms/source/component/clickableimage.cxx
+++ b/forms/source/component/clickableimage.cxx
@@ -47,6 +47,7 @@
#include <comphelper/types.hxx>
#include <cppuhelper/exc_hlp.hxx>
#include <svtools/imageresourceaccess.hxx>
+#include <unotools/securityoptions.hxx>
#define LOCAL_URL_PREFIX '#'
@@ -770,8 +771,12 @@ namespace frm
m_bProdStarted = false;
- // Kick off download (caution: can be synchronous).
- m_pMedium->Download(LINK(this, OClickableImageBaseModel,
DownloadDoneLink));
+ OUString referer;
+ getPropertyValue("Referer") >>= referer;
+ if (!SvtSecurityOptions().isUntrustedReferer(referer)) {
+ // Kick off download (caution: can be synchronous).
+ m_pMedium->Download(LINK(this, OClickableImageBaseModel,
DownloadDoneLink));
+ }
}
else
{
diff --git a/include/toolkit/controls/unocontrols.hxx
b/include/toolkit/controls/unocontrols.hxx
index c3c16b2fe6c4..c539acb19ab0 100644
--- a/include/toolkit/controls/unocontrols.hxx
+++ b/include/toolkit/controls/unocontrols.hxx
@@ -67,7 +67,7 @@ public:
// appropriately ( e.g. NULL if non GraphicObject scheme ) or a valid
// object if the rURL points to a valid object
static css::uno::Reference< css::graphic::XGraphic >
getGraphicAndGraphicObjectFromURL_nothrow( css::uno::Reference<
css::graphic::XGraphicObject >& xOutGraphicObject, const OUString& _rURL );
- static css::uno::Reference< css::graphic::XGraphic >
getGraphicFromURL_nothrow( const OUString& _rURL );
+ static css::uno::Reference< css::graphic::XGraphic >
getGraphicFromURL_nothrow( const OUString& _rURL, OUString const & referer );
};
diff --git a/include/toolkit/helper/property.hxx
b/include/toolkit/helper/property.hxx
index efc924a1ad2b..196548abcc83 100644
--- a/include/toolkit/helper/property.hxx
+++ b/include/toolkit/helper/property.hxx
@@ -208,6 +208,7 @@ namespace uno {
#define BASEPROPERTY_ACTIVE_SEL_TEXT_COLOR 167
#define BASEPROPERTY_INACTIVE_SEL_TEXT_COLOR 168
#define BASEPROPERTY_TYPEDITEMLIST 169 // AnySequence
+#define BASEPROPERTY_REFERER 172
// These properties are not bound, they are always extracted from the
BASEPROPERTY_FONTDESCRIPTOR property
diff --git a/toolkit/source/awt/vclxwindows.cxx
b/toolkit/source/awt/vclxwindows.cxx
index c356aba16ee1..252deab4f2e6 100644
--- a/toolkit/source/awt/vclxwindows.cxx
+++ b/toolkit/source/awt/vclxwindows.cxx
@@ -207,6 +207,7 @@ namespace toolkit
void VCLXGraphicControl::ImplGetPropertyIds( std::vector< sal_uInt16 > &rIds )
{
+ PushPropertyIds(rIds, BASEPROPERTY_REFERER, 0);
VCLXWindow::ImplGetPropertyIds( rIds );
}
diff --git a/toolkit/source/controls/dialogcontrol.cxx
b/toolkit/source/controls/dialogcontrol.cxx
index d260dce6ad7c..26b195e03c23 100644
--- a/toolkit/source/controls/dialogcontrol.cxx
+++ b/toolkit/source/controls/dialogcontrol.cxx
@@ -410,7 +410,7 @@ void UnoDialogControl::PrepareWindowDescriptor(
css::awt::WindowDescriptor& rDes
( !aImageURL.isEmpty() ))
{
OUString absoluteUrl =
getPhysicalLocation(ImplGetPropertyValue(PROPERTY_DIALOGSOURCEURL),
uno::makeAny(aImageURL));
- xGraphic = ImageHelper::getGraphicFromURL_nothrow( absoluteUrl );
+ xGraphic = ImageHelper::getGraphicFromURL_nothrow( absoluteUrl, "" );
ImplSetPropertyValue( PROPERTY_GRAPHIC, uno::makeAny( xGraphic ), true
);
}
}
@@ -623,7 +623,7 @@ void UnoDialogControl::ImplModelPropertiesChanged( const
Sequence< PropertyChang
( !aImageURL.isEmpty() ))
{
OUString absoluteUrl =
getPhysicalLocation(ImplGetPropertyValue(GetPropertyName(BASEPROPERTY_DIALOGSOURCEURL)),
uno::makeAny(aImageURL));
- xGraphic = ImageHelper::getGraphicFromURL_nothrow( absoluteUrl
);
+ xGraphic = ImageHelper::getGraphicFromURL_nothrow(
absoluteUrl, "" );
}
ImplSetPropertyValue( GetPropertyName( BASEPROPERTY_GRAPHIC),
uno::makeAny( xGraphic ), true );
break;
diff --git a/toolkit/source/controls/unocontrols.cxx
b/toolkit/source/controls/unocontrols.cxx
index cbb04926bd95..c26706b1b4ee 100644
--- a/toolkit/source/controls/unocontrols.cxx
+++ b/toolkit/source/controls/unocontrols.cxx
@@ -34,6 +34,7 @@
#include <toolkit/helper/property.hxx>
#include <toolkit/helper/servicenames.hxx>
#include <toolkit/helper/macros.hxx>
+#include <unotools/securityoptions.hxx>
// for introspection
#include <toolkit/awt/vclxwindows.hxx>
@@ -60,14 +61,14 @@ uno::Reference< graphic::XGraphic >
ImageHelper::getGraphicAndGraphicObjectFromURL_nothrow( uno::Reference<
graphic::XGraphicObject >& xOutGraphicObj, const OUString& _rURL )
{
xOutGraphicObj = nullptr;
- return ImageHelper::getGraphicFromURL_nothrow( _rURL );
+ return ImageHelper::getGraphicFromURL_nothrow( _rURL, "" );
}
css::uno::Reference< css::graphic::XGraphic >
-ImageHelper::getGraphicFromURL_nothrow( const OUString& _rURL )
+ImageHelper::getGraphicFromURL_nothrow( const OUString& _rURL, OUString const
& referer )
{
uno::Reference< graphic::XGraphic > xGraphic;
- if ( _rURL.isEmpty() )
+ if ( _rURL.isEmpty() || SvtSecurityOptions().isUntrustedReferer(referer) )
return xGraphic;
try
@@ -616,7 +617,11 @@ void SAL_CALL
GraphicControlModel::setFastPropertyValue_NoBroadcast( sal_Int32 n
mbAdjustingGraphic = true;
OUString sImageURL;
OSL_VERIFY( rValue >>= sImageURL );
- setDependentFastPropertyValue( BASEPROPERTY_GRAPHIC,
uno::makeAny( ImageHelper::getGraphicFromURL_nothrow( sImageURL ) ) );
+ css::uno::Any any;
+ getFastPropertyValue(any, BASEPROPERTY_REFERER);
+ OUString referer;
+ any >>= referer;
+ setDependentFastPropertyValue( BASEPROPERTY_GRAPHIC,
uno::makeAny( ImageHelper::getGraphicFromURL_nothrow( sImageURL, referer ) ) );
mbAdjustingGraphic = false;
}
break;
diff --git a/toolkit/source/helper/property.cxx
b/toolkit/source/helper/property.cxx
index b09b0a7e8fff..43f979d53504 100644
--- a/toolkit/source/helper/property.cxx
+++ b/toolkit/source/helper/property.cxx
@@ -263,6 +263,8 @@ static ImplPropertyInfo* ImplGetPropertyInfos( sal_uInt16&
rElementCount )
DECL_PROP_3 ( "InactiveSelectionBackgroundColor",
INACTIVE_SEL_BACKGROUND_COLOR, sal_Int32, BOUND, MAYBEDEFAULT, MAYBEVOID ),
DECL_PROP_3 ( "ActiveSelectionTextColor",
ACTIVE_SEL_TEXT_COLOR, sal_Int32, BOUND, MAYBEDEFAULT, MAYBEVOID ),
DECL_PROP_3 ( "InactiveSelectionTextColor",
INACTIVE_SEL_TEXT_COLOR, sal_Int32, BOUND, MAYBEDEFAULT, MAYBEVOID ),
+
+ DECL_PROP_2("Referer", REFERER, OUString, BOUND, MAYBEVOID),
};
rElementCount = SAL_N_ELEMENTS(aImplPropertyInfos);
return aImplPropertyInfos;
diff --git a/xmloff/source/forms/elementimport.cxx
b/xmloff/source/forms/elementimport.cxx
index fa3289e73826..47e9979b6221 100644
--- a/xmloff/source/forms/elementimport.cxx
+++ b/xmloff/source/forms/elementimport.cxx
@@ -554,6 +554,15 @@ namespace xmloff
OSL_ENSURE(xPure.is(),
OStringBuffer("OElementImport::createElement: service
factory gave me no object (service name:
").append(OUStringToOString(m_sServiceName,
RTL_TEXTENCODING_ASCII_US)).append(")!").getStr());
xReturn.set(xPure, UNO_QUERY);
+ if (auto const props = Reference<css::beans::XPropertySet>(xPure,
css::uno::UNO_QUERY))
+ {
+ try {
+ props->setPropertyValue(
+ "Referer",
css::uno::Any(m_rFormImport.getGlobalContext().GetBaseURL()));
+ } catch (css::uno::Exception &) {
+ TOOLS_INFO_EXCEPTION("xmloff.forms", "setPropertyValue
Referer failed");
+ }
+ }
}
else
OSL_FAIL("OElementImport::createElement: no service name to create
an element!");
