Converge on SvtSecurityOptions::isTrustedLocation
Change-Id: Ibcf4b7d9d11295c7679637a37d41dc2960e04f8f
This commit is contained in:
Stephan Bergmann
@@ -188,6 +188,11 @@ class UNOTOOLS_DLLPUBLIC SAL_WARN_UNUSED SvtSecurityOptions : public utl::detail
|
||||
bool isSecureMacroUri(OUString const & uri, OUString const & referer)
|
||||
const;
|
||||
|
||||
/**
|
||||
Check whether the given uri is a trusted location.
|
||||
*/
|
||||
bool isTrustedLocationUri(OUString const & uri) const;
|
||||
|
||||
::com::sun::star::uno::Sequence< Certificate > GetTrustedAuthors ( ) const ;
|
||||
void SetTrustedAuthors ( const ::com::sun::star::uno::Sequence< Certificate >& rAuthors ) ;
|
||||
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
#include <unotools/securityoptions.hxx>
|
||||
#include <unotools/configmgr.hxx>
|
||||
#include <unotools/configitem.hxx>
|
||||
#include <unotools/ucbhelper.hxx>
|
||||
#include <tools/debug.hxx>
|
||||
#include <com/sun/star/uno/Any.hxx>
|
||||
#include <com/sun/star/uno/Sequence.hxx>
|
||||
@@ -1041,29 +1042,27 @@ bool SvtSecurityOptions::isSecureMacroUri(
|
||||
}
|
||||
// fall through
|
||||
case INET_PROT_SLOT:
|
||||
if (referer.equalsIgnoreAsciiCase("private:user")) {
|
||||
return true;
|
||||
}
|
||||
{
|
||||
MutexGuard g(GetInitMutex());
|
||||
for (sal_Int32 i = 0;
|
||||
i != m_pDataContainer->m_seqSecureURLs.getLength(); ++i)
|
||||
{
|
||||
OUString pref(m_pDataContainer->m_seqSecureURLs[i]);
|
||||
pref.endsWith("/", &pref);
|
||||
if (referer.equalsIgnoreAsciiCase(pref)
|
||||
|| referer.startsWithIgnoreAsciiCase(pref + "/"))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
return referer.equalsIgnoreAsciiCase("private:user")
|
||||
|| isTrustedLocationUri(referer);
|
||||
default:
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
bool SvtSecurityOptions::isTrustedLocationUri(OUString const & uri) const {
|
||||
MutexGuard g(GetInitMutex());
|
||||
for (sal_Int32 i = 0; i != m_pDataContainer->m_seqSecureURLs.getLength();
|
||||
++i)
|
||||
{
|
||||
if (UCBContentHelper::IsSubPath(
|
||||
m_pDataContainer->m_seqSecureURLs[i], uri))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
sal_Int32 SvtSecurityOptions::GetMacroSecurityLevel() const
|
||||
{
|
||||
MutexGuard aGuard( GetInitMutex() );
|
||||
|
||||
@@ -36,12 +36,10 @@
|
||||
#include <com/sun/star/ucb/XCommandEnvironment.hpp>
|
||||
#include <com/sun/star/ucb/XCommandProcessor.hpp>
|
||||
#include <com/sun/star/ucb/Command.hpp>
|
||||
#include <tools/urlobj.hxx>
|
||||
#include <vcl/msgbox.hxx>
|
||||
#include <unotools/securityoptions.hxx>
|
||||
#include <com/sun/star/security/CertificateValidity.hpp>
|
||||
#include <com/sun/star/security/SerialNumberAdapter.hpp>
|
||||
#include <unotools/ucbhelper.hxx>
|
||||
#include "comphelper/documentconstants.hxx"
|
||||
|
||||
#include "com/sun/star/lang/IllegalArgumentException.hpp"
|
||||
@@ -439,17 +437,7 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
|
||||
|
||||
::sal_Bool DocumentDigitalSignatures::isLocationTrusted( const OUString& Location ) throw (RuntimeException)
|
||||
{
|
||||
sal_Bool bFound = sal_False;
|
||||
INetURLObject aLocObj( Location );
|
||||
INetURLObject aLocObjLowCase( Location.toAsciiLowerCase() ); // will be used for case insensitive comparing
|
||||
|
||||
Sequence< OUString > aSecURLs = SvtSecurityOptions().GetSecureURLs();
|
||||
const OUString* pSecURLs = aSecURLs.getConstArray();
|
||||
const OUString* pSecURLsEnd = pSecURLs + aSecURLs.getLength();
|
||||
for ( ; pSecURLs != pSecURLsEnd && !bFound; ++pSecURLs )
|
||||
bFound = ::utl::UCBContentHelper::IsSubPath( *pSecURLs, Location );
|
||||
|
||||
return bFound;
|
||||
return SvtSecurityOptions().isTrustedLocationUri(Location);
|
||||
}
|
||||
|
||||
void DocumentDigitalSignatures::addAuthorToTrustedSources(
|
||||
|
||||
Reference in New Issue
Block a user