[Libreoffice-commits] online.git: test/UnitSession.cpp wsd/LOOLWSD.cpp
Michael Meeks (via logerrit)
logerrit at kemper.freedesktop.org
Tue Aug 11 16:13:24 UTC 2020
test/UnitSession.cpp | 3 ++-
wsd/LOOLWSD.cpp | 9 +++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
New commits:
commit 5544f5669b9f19ef53bd2b6a661737f58acf3867
Author: Michael Meeks <michael.meeks at collabora.com>
AuthorDate: Tue Aug 11 15:17:20 2020 +0100
Commit: Michael Meeks <michael.meeks at collabora.com>
CommitDate: Tue Aug 11 18:13:06 2020 +0200
iOS likes to do extra escaping of an iframe's .src
This yields a relevant Post request of:
slideshow.svg%3FWOPISrc=https:%252F%252Fshare....
slideshow.svg?WOPISrc=https%3A%2F%2Fshare....
Which ends up trying to serve a file with a ?WOPISRC= suffix.
Since we don't want anything 'odd' being served from the file-system
anyway, get a bit more paranoid and clean that up.
Change-Id: I39993e4629b0d01f34098391a0fa448ef8a9984e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/100509
Tested-by: Michael Meeks <michael.meeks at collabora.com>
Reviewed-by: Michael Meeks <michael.meeks at collabora.com>
diff --git a/test/UnitSession.cpp b/test/UnitSession.cpp
index b81bd7cd3..ec8d1f9bf 100644
--- a/test/UnitSession.cpp
+++ b/test/UnitSession.cpp
@@ -200,7 +200,8 @@ UnitBase::TestResult UnitSession::testSlideShow()
std::string encodedDoc;
Poco::URI::encode(documentPath, ":/?", encodedDoc);
- const std::string path = "/lool/" + encodedDoc + '/' + jail + '/' + dir + '/' + name;
+ const std::string ignoredSuffix = "%3FWOPISRC=madness"; // cf. iPhone.
+ const std::string path = "/lool/" + encodedDoc + '/' + jail + '/' + dir + '/' + name + ignoredSuffix;
std::unique_ptr<Poco::Net::HTTPClientSession> session(
helpers::createSession(Poco::URI(helpers::getTestServerURI())));
Poco::Net::HTTPRequest requestSVG(Poco::Net::HTTPRequest::HTTP_GET, path);
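Review bot: the test only exercises the `%3F` case: `ignoredSuffix` is `%3FWOPISRC=madness`, which `URI::decode` in LOOLWSD.cpp turns into `?WOPISRC=madness` before the new check runs, so only the `?` entry of the `find_first_of("?&%#!")` set is covered. The commit message also shows the doubly-escaped `%252F` form, which decodes to `%2F` and relies on the `%` entry instead; adding a second request with a suffix such as `%252FWOPISrc=madness` would cover that branch too. It would also help to assert on the served content (or on the absence of the "Cleaned unexpected parameters" path being a no-op), not just that the GET succeeds, so a regression that stops stripping the suffix is caught.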
diff --git a/wsd/LOOLWSD.cpp b/wsd/LOOLWSD.cpp
index b8c75e5b5..3756db0fb 100644
--- a/wsd/LOOLWSD.cpp
+++ b/wsd/LOOLWSD.cpp
@@ -3013,6 +3013,15 @@ private:
std::string fileName;
URI::decode(requestDetails[4], fileName);
+ // sanitize if we can
+ auto it = fileName.find_first_of("?&%#!");
+ if (it != std::string::npos)
+ {
+ std::string cleanedName = fileName.substr(0, it);
+ LOG_DBG("Cleaned unexpected parameters from filename: '" << fileName << "' to '" << cleanedName << "'");
+ fileName = cleanedName;
+ }
+
const Path filePath(LOOLWSD::ChildRoot + requestDetails[2]
+ JAILED_DOCUMENT_ROOT + requestDetails[3] + '/' + fileName);
const std::string filePathAnonym = LOOLWSD::anonymizeUrl(filePath.toString());
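Review bot: truncating at the first of `?&%#!` only removes a trailing junk suffix; nothing in this hunk stops `fileName` from containing `/` or `..` after `URI::decode` (e.g. from `%2F` or `%2E%2E` in `requestDetails[4]`), and the result is concatenated straight into `filePath` under `ChildRoot` and `JAILED_DOCUMENT_ROOT`. If the intent stated in the message is to avoid serving anything 'odd' from the file system, prefer an allowlist over a blocklist here: reject the request unless `fileName` is a plain basename (no `/`, no `\`, not `.` or `..`), or normalize `filePath` and verify it still lies under the jailed document root before opening it. Minor: `it` is a `std::string::size_type`, not an iterator, so `pos` reads better, and the `// sanitize if we can` comment should say which characters are stripped and why (the iOS double-escaping of the iframe `src`), since that is the only place a future reader will learn where `"?&%#!"` came from.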