src/plugin/PluginClientBase.cpp - Issue 10955040: Fix domain whitelisting and remove unused code

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Side by Side Diff: src/plugin/PluginClientBase.cpp

Issue 10955040: Fix domain whitelisting and remove unused code (Closed)

Patch Set: Created June 25, 2013, 10:21 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View unified diff | Download patch

OLD	NEW
1 #include "PluginStdAfx.h"	1 #include "PluginStdAfx.h"

2	2

3 // Internet / FTP	3 // Internet / FTP

4 #include <wininet.h>	4 #include <wininet.h>

5	5

6 // IP adapter	6 // IP adapter

7 #include <iphlpapi.h>	7 #include <iphlpapi.h>

8	8

9 #include "PluginSettings.h"	9 #include "PluginSettings.h"

10 #include "PluginSystem.h"	10 #include "PluginSystem.h"

(...skipping 34 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
45 {	45 {

46 return domain != ABPDOMAIN &&	46 return domain != ABPDOMAIN &&

47 domain != USERS_HOST &&	47 domain != USERS_HOST &&

48 domain != L"about:blank" &&	48 domain != L"about:blank" &&

49 domain != L"about:tabs" &&	49 domain != L"about:tabs" &&

50 domain.Find(L"javascript:") != 0 &&	50 domain.Find(L"javascript:") != 0 &&

51 !domain.IsEmpty();	51 !domain.IsEmpty();

52 }	52 }

53	53

54	54

55 CString CPluginClientBase::ExtractDomain(const CString& url)

56 {

57 int pos = 0;

58 CString http = url.Find('/',pos) >= 0 ? url.Tokenize(L"/", pos) : L"";

59 CString domain = url.Tokenize(L"/", pos);

60

61 domain.MakeLower();

62

63 return domain;

64 }

65

66

67 CString& CPluginClientBase::UnescapeUrl(CString& url)	55 CString& CPluginClientBase::UnescapeUrl(CString& url)

68 {	56 {

69 CString unescapedUrl;	57 CString unescapedUrl;

70 DWORD cb = 2048;	58 DWORD cb = 2048;

71	59

72 if (SUCCEEDED(::UrlUnescape(url.GetBuffer(), unescapedUrl.GetBufferSetLength(c b), &cb, 0)))	60 if (SUCCEEDED(::UrlUnescape(url.GetBuffer(), unescapedUrl.GetBufferSetLength(c b), &cb, 0)))

73 {	61 {

74 unescapedUrl.ReleaseBuffer();	62 unescapedUrl.ReleaseBuffer();

75 unescapedUrl.Truncate(cb);	63 unescapedUrl.Truncate(cb);

76	64

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
148	136

149 hasError = true;	137 hasError = true;

150	138

151 s_pluginErrors.erase(it);	139 s_pluginErrors.erase(it);

152 }	140 }

153 }	141 }

154 s_criticalSectionLocal.Unlock();	142 s_criticalSectionLocal.Unlock();

155	143

156 return hasError;	144 return hasError;

157 }	145 }

158

159 // ============================================================================

160 // Whitelisting

161 // ============================================================================

162

163 #ifdef SUPPORT_WHITELIST

164

165 bool CPluginClientBase::IsUrlWhiteListed(const CString& url)

166 {

167 if (url.IsEmpty())

168 {

169 return false;

170 }

171

172 int pos = 0;

173 CString scheme = url.Find('/',pos) >= 0 ? url.Tokenize(L"/", pos) : L"";

174 CString domain = ExtractDomain(url);

175 if (scheme == L"res:" \|\| scheme == L"file:")

176 {

177 return true;

178 }

179

180 // TODO: Caching whitelist entries in PluginSettings is redundant and wasteful . We should have an engine call for IsWhitelistedDomain.

181 CPluginSettings* pluginSettings = CPluginSettings::GetInstance();

182 pluginSettings->RefreshWhitelist();

183 return pluginSettings->IsWhiteListedDomain(domain);

184 }

185

186 #endif // SUPPORT_WHITELIST

OLD	NEW

« src/engine/main.cpp ('K') | « src/plugin/PluginClientBase.h ('k') | src/plugin/PluginFilter.h » ('j') | src/plugin/PluginTabBase.cpp » ('J')