[Libreoffice-commits] core.git: Branch 'libreoffice-6-3' - include/sfx2 sfx2/source
Caolán McNamara (via logerrit)
logerrit at kemper.freedesktop.org
Fri Jul 26 12:37:36 UTC 2019
include/sfx2/objsh.hxx | 2 ++
sfx2/source/doc/objmisc.cxx | 6 +-----
sfx2/source/notify/eventsupplier.cxx | 18 ++++++++++++------
3 files changed, 15 insertions(+), 11 deletions(-)
New commits:
commit 85cbe1f06703c0b8e1f15a3d969202d99c66f34b
Author: Caolán McNamara <caolanm at redhat.com>
AuthorDate: Tue Jul 23 15:31:05 2019 +0100
Commit: Caolán McNamara <caolanm at redhat.com>
CommitDate: Fri Jul 26 14:36:53 2019 +0200
expand LibreLogo check to global events
Change-Id: I7f436983ba0eb4b76b02d08ee52626e54b103d5f
Reviewed-on: https://gerrit.libreoffice.org/76194
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl at cib.de>
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index eaa93afd72da..d982aa1d20d7 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -392,6 +392,8 @@ public:
*/
bool AdjustMacroMode();
+ static bool UnTrustedScript(const OUString& rScriptURL);
+
SvKeyValueIterator* GetHeaderAttributes();
void ClearHeaderAttributesForSourceViewHack();
void SetHeaderAttributesForSourceViewHack();
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index d44b55e6b753..0e188b925784 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1344,16 +1344,12 @@ namespace
}
}
-namespace {
-
// don't allow LibreLogo to be used with our mouseover/etc dom-alike events
-bool UnTrustedScript(const OUString& rScriptURL)
+bool SfxObjectShell::UnTrustedScript(const OUString& rScriptURL)
{
return rScriptURL.startsWithIgnoreAsciiCase("vnd.sun.star.script:LibreLogo");
}
-}
-
ErrCode SfxObjectShell::CallXScript( const Reference< XInterface >& _rxScriptContext, const OUString& _rScriptURL,
const Sequence< Any >& aParams, Any& aRet, Sequence< sal_Int16 >& aOutParamIndex, Sequence< Any >& aOutParam, bool bRaiseError, const css::uno::Any* pCaller )
{
diff --git a/sfx2/source/notify/eventsupplier.cxx b/sfx2/source/notify/eventsupplier.cxx
index 0be25c894451..b434122ed789 100644
--- a/sfx2/source/notify/eventsupplier.cxx
+++ b/sfx2/source/notify/eventsupplier.cxx
@@ -206,18 +206,24 @@ void SfxEvents_Impl::Execute( uno::Any const & aEventData, const document::Docum
else if (aType == "Service" ||
aType == "Script")
{
- if ( !aScript.isEmpty() )
+ bool bAllowed = false;
+ util::URL aURL;
+ if (!aScript.isEmpty())
{
- SfxViewFrame* pView = pDoc ?
- SfxViewFrame::GetFirst( pDoc ) :
- SfxViewFrame::Current();
-
uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( ::comphelper::getProcessComponentContext() ) );
- util::URL aURL;
aURL.Complete = aScript;
xTrans->parseStrict( aURL );
+ bAllowed = !SfxObjectShell::UnTrustedScript(aURL.Complete);
+ }
+
+ if (bAllowed)
+ {
+ SfxViewFrame* pView = pDoc ?
+ SfxViewFrame::GetFirst( pDoc ) :
+ SfxViewFrame::Current();
+
uno::Reference
< frame::XDispatchProvider > xProv;
More information about the Libreoffice-commits
mailing list