eabdullin
50fd5124e0
- add some protocols that don't make sense as floating frame targets - warn about exotic protocols as well - default to ignoring libreoffice special-purpose protocols in calc hyperlink - reuse AllowedLinkProtocolFromDocument in writer - reuse AllowedLinkProtocolFromDocument in impress/draw - CVE-2023-6186 backporting
55 lines
2.2 KiB
Diff
55 lines
2.2 KiB
Diff
From eaa66eec69ec311b73521c6ce410a749c810298f Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
|
|
Date: Thu, 20 Apr 2023 20:58:21 +0100
|
|
Subject: [PATCH 3/3] assume IFrame script/macro support isn't needed
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
seems undocumented at least
|
|
|
|
Change-Id: I316e4f4f25ddb7cf6b7bac4d856a721b987207a3
|
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151020
|
|
Tested-by: Jenkins
|
|
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
|
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152150
|
|
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
|
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
|
(cherry picked from commit 4b679f8e16bc050bc0cc9fa9294413c8115ed239)
|
|
---
|
|
sfx2/source/doc/iframe.cxx | 12 ++++--------
|
|
1 file changed, 4 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/sfx2/source/doc/iframe.cxx b/sfx2/source/doc/iframe.cxx
|
|
index fce6cb48ea08f..84d724f7c58f3 100644
|
|
--- a/sfx2/source/doc/iframe.cxx
|
|
+++ b/sfx2/source/doc/iframe.cxx
|
|
@@ -168,20 +168,16 @@ sal_Bool SAL_CALL IFrameObject::load(
|
|
uno::Reference < util::XURLTransformer > xTrans( util::URLTransformer::create( mxContext ) );
|
|
xTrans->parseStrict( aTargetURL );
|
|
|
|
+ INetURLObject aURLObject(aTargetURL.Complete);
|
|
+ if (aURLObject.GetProtocol() == INetProtocol::Macro || aURLObject.isSchemeEqualTo(u"vnd.sun.star.script"))
|
|
+ return false;
|
|
+
|
|
uno::Reference<frame::XFramesSupplier> xParentFrame = xFrame->getCreator();
|
|
SfxObjectShell* pDoc = SfxMacroLoader::GetObjectShell(xParentFrame);
|
|
|
|
- if (INetURLObject(aTargetURL.Complete).GetProtocol() == INetProtocol::Macro)
|
|
- {
|
|
- if (pDoc && !pDoc->AdjustMacroMode())
|
|
- return false;
|
|
- }
|
|
-
|
|
bool bUpdateAllowed(true);
|
|
if (pDoc)
|
|
{
|
|
- // perhaps should only check for file targets, but lets default to making it strong
|
|
- // unless there is a known need to distinguish
|
|
comphelper::EmbeddedObjectContainer& rEmbeddedObjectContainer = pDoc->getEmbeddedObjectContainer();
|
|
bUpdateAllowed = rEmbeddedObjectContainer.getUserAllowsLinkUpdate();
|
|
}
|
|
--
|
|
2.41.0
|
|
|