From 28339afa157956d6ae4e68d0f8ce4eee6a254cfe Mon Sep 17 00:00:00 2001
From: Mnikolenko ProductEngine <mnikolenko@productengine.com>
Date: Tue, 22 Oct 2013 12:47:16 +0300
Subject: [PATCH] MAINT-535 'trust model' is added for secondlife:// URLs in
wiki style links. Chat history is marked as untrusted source now.
---
indra/llui/llscrolllistctrl.cpp | 2 +-
indra/llui/lltextbase.cpp | 4 +++-
indra/llui/lltextbase.h | 5 ++++-
indra/llui/llurlaction.cpp | 6 +++---
indra/llui/llurlaction.h | 4 ++--
indra/newview/llchathistory.cpp | 1 +
indra/newview/llurldispatcher.cpp | 6 +++---
indra/newview/llurldispatcher.h | 2 +-
indra/newview/llurldispatcherlistener.cpp | 2 +-
9 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/indra/llui/llscrolllistctrl.cpp b/indra/llui/llscrolllistctrl.cpp
index 6e03f604a2f..594e1e150b1 100755
--- a/indra/llui/llscrolllistctrl.cpp
+++ b/indra/llui/llscrolllistctrl.cpp
@@ -1855,7 +1855,7 @@ void LLScrollListCtrl::showNameDetails(std::string id, bool is_group)
// open the resident's details or the group details
std::string sltype = is_group ? "group" : "agent";
std::string slurl = "secondlife:///app/" + sltype + "/" + id + "/about";
- LLUrlAction::clickAction(slurl);
+ LLUrlAction::clickAction(slurl, true);
}
void LLScrollListCtrl::copyNameToClipboard(std::string id, bool is_group)
diff --git a/indra/llui/lltextbase.cpp b/indra/llui/lltextbase.cpp
index 5ec4cf4fe5d..4144a42fd65 100755
--- a/indra/llui/lltextbase.cpp
+++ b/indra/llui/lltextbase.cpp
@@ -167,6 +167,7 @@ LLTextBase::Params::Params()
max_text_length("max_length", 255),
font_shadow("font_shadow"),
wrap("wrap"),
+ trusted_content("trusted_content", true),
use_ellipses("use_ellipses", false),
parse_urls("parse_urls", false),
parse_highlights("parse_highlights", false)
@@ -211,6 +212,7 @@ LLTextBase::LLTextBase(const LLTextBase::Params &p)
mLineSpacingPixels(p.line_spacing.pixels),
mClip(p.clip),
mClipPartial(p.clip_partial && !p.allow_scroll),
+ mTrustedContent(p.trusted_content),
mTrackEnd( p.track_end ),
mScrollIndex(-1),
mSelectionStart( 0 ),
@@ -3164,7 +3166,7 @@ BOOL LLNormalTextSegment::handleMouseUp(S32 x, S32 y, MASK mask)
// Only process the click if it's actually in this segment, not to the right of the end-of-line.
if(mEditor.getSegmentAtLocalPos(x, y, false) == this)
{
- LLUrlAction::clickAction(getStyle()->getLinkHREF());
+ LLUrlAction::clickAction(getStyle()->getLinkHREF(), mEditor.isContentTrusted());
return TRUE;
}
}
diff --git a/indra/llui/lltextbase.h b/indra/llui/lltextbase.h
index a74e97cac83..3603f55c3f4 100755
--- a/indra/llui/lltextbase.h
+++ b/indra/llui/lltextbase.h
@@ -291,7 +291,8 @@ class LLTextBase
parse_urls,
parse_highlights,
clip,
- clip_partial;
+ clip_partial,
+ trusted_content;
Optional<S32> v_pad,
h_pad;
@@ -361,6 +362,7 @@ class LLTextBase
bool getWordWrap() { return mWordWrap; }
bool getUseEllipses() { return mUseEllipses; }
bool truncate(); // returns true of truncation occurred
+ bool isContentTrusted() {return mTrustedContent;}
// TODO: move into LLTextSegment?
void createUrlContextMenu(S32 x, S32 y, const std::string &url); // create a popup context menu for the given Url
@@ -634,6 +636,7 @@ class LLTextBase
bool mBGVisible; // render background?
bool mClip; // clip text to widget rect
bool mClipPartial; // false if we show lines that are partially inside bounding rect
+ bool mTrustedContent; // if false, does not allow to execute SURL links from this editor
bool mPlainText; // didn't use Image or Icon segments
bool mAutoIndent;
S32 mMaxTextByteLength; // Maximum length mText is allowed to be in bytes
diff --git a/indra/llui/llurlaction.cpp b/indra/llui/llurlaction.cpp
index 23e574cb74f..12537d9dd18 100755
--- a/indra/llui/llurlaction.cpp
+++ b/indra/llui/llurlaction.cpp
@@ -87,14 +87,14 @@ void LLUrlAction::executeSLURL(std::string url)
{
if (sExecuteSLURLCallback)
{
- sExecuteSLURLCallback(url);
+ sExecuteSLURLCallback(url ,true);
}
}
-void LLUrlAction::clickAction(std::string url)
+void LLUrlAction::clickAction(std::string url, bool trusted_content)
{
// Try to handle as SLURL first, then http Url
- if ( (sExecuteSLURLCallback) && !sExecuteSLURLCallback(url) )
+ if ( (sExecuteSLURLCallback) && !sExecuteSLURLCallback(url, trusted_content) )
{
if (sOpenURLCallback)
{
diff --git a/indra/llui/llurlaction.h b/indra/llui/llurlaction.h
index e731376b95e..5f3626490ca 100755
--- a/indra/llui/llurlaction.h
+++ b/indra/llui/llurlaction.h
@@ -66,7 +66,7 @@ class LLUrlAction
static void showLocationOnMap(std::string url);
/// perform the appropriate action for left-clicking on a Url
- static void clickAction(std::string url);
+ static void clickAction(std::string url, bool trusted_content);
/// copy the label for a Url to the clipboard
static void copyLabelToClipboard(std::string url);
@@ -86,7 +86,7 @@ class LLUrlAction
/// specify the callbacks to enable this class's functionality
typedef boost::function<void (const std::string&)> url_callback_t;
- typedef boost::function<bool(const std::string& url)> execute_url_callback_t;
+ typedef boost::function<bool(const std::string& url, bool trusted_content)> execute_url_callback_t;
static void setOpenURLCallback(url_callback_t cb);
static void setOpenURLInternalCallback(url_callback_t cb);
diff --git a/indra/newview/llchathistory.cpp b/indra/newview/llchathistory.cpp
index 6c881b5717e..69aeec3975f 100755
--- a/indra/newview/llchathistory.cpp
+++ b/indra/newview/llchathistory.cpp
@@ -725,6 +725,7 @@ LLChatHistory::LLChatHistory(const LLChatHistory::Params& p)
editor_params.follows.flags = FOLLOWS_ALL;
editor_params.enabled = false; // read only
editor_params.show_context_menu = "true";
+ editor_params.trusted_content = false;
mEditor = LLUICtrlFactory::create<LLTextEditor>(editor_params, this);
mEditor->setIsFriendCallback(LLAvatarActions::isFriend);
}
diff --git a/indra/newview/llurldispatcher.cpp b/indra/newview/llurldispatcher.cpp
index 00b15a5f26e..0c34db39b58 100755
--- a/indra/newview/llurldispatcher.cpp
+++ b/indra/newview/llurldispatcher.cpp
@@ -307,7 +307,7 @@ bool LLURLDispatcher::dispatchRightClick(const std::string& slurl)
}
// static
-bool LLURLDispatcher::dispatchFromTextEditor(const std::string& slurl)
+bool LLURLDispatcher::dispatchFromTextEditor(const std::string& slurl, bool trusted_content)
{
// *NOTE: Text editors are considered sources of trusted URLs
// in order to make avatar profile links in chat history work.
@@ -315,9 +315,9 @@ bool LLURLDispatcher::dispatchFromTextEditor(const std::string& slurl)
// receiving resident will see it and must affirmatively
// click on it.
// *TODO: Make this trust model more refined. JC
- const bool trusted_browser = true;
+
LLMediaCtrl* web = NULL;
- return LLURLDispatcherImpl::dispatch(LLSLURL(slurl), "clicked", web, trusted_browser);
+ return LLURLDispatcherImpl::dispatch(LLSLURL(slurl), "clicked", web, trusted_content);
}
diff --git a/indra/newview/llurldispatcher.h b/indra/newview/llurldispatcher.h
index 6309a97af53..9b05260af11 100755
--- a/indra/newview/llurldispatcher.h
+++ b/indra/newview/llurldispatcher.h
@@ -53,7 +53,7 @@ class LLURLDispatcher
static bool dispatchRightClick(const std::string& slurl);
- static bool dispatchFromTextEditor(const std::string& slurl);
+ static bool dispatchFromTextEditor(const std::string& slurl, bool trusted_content);
};
#endif
diff --git a/indra/newview/llurldispatcherlistener.cpp b/indra/newview/llurldispatcherlistener.cpp
index c7b9afafefc..7545f3a9b3b 100755
--- a/indra/newview/llurldispatcherlistener.cpp
+++ b/indra/newview/llurldispatcherlistener.cpp
@@ -71,5 +71,5 @@ void LLURLDispatcherListener::dispatchRightClick(const LLSD& params) const
void LLURLDispatcherListener::dispatchFromTextEditor(const LLSD& params) const
{
- LLURLDispatcher::dispatchFromTextEditor(params["url"]);
+ LLURLDispatcher::dispatchFromTextEditor(params["url"], false);
}
--
GitLab