extensions/source/update/check/download.cxx | 2 ++ 1 file changed, 2 insertions(+)
New commits: commit 3dceaeee4ff511f4c4b67846bdc5b87fda4a3633 Author: Michael Stahl <[email protected]> Date: Wed Aug 9 17:38:14 2017 +0200 desktop,extensions: updater: only allow redirects to HTTP/HTTPS Configure curl to prevent redirects to other protocols. Change-Id: Ied73b3d9a062ea6e0a1d594f4c12162dffd6c4a7 (cherry picked from commit bd60bbfbdfbeb2687297e4512ddbea62a394ae67) Reviewed-on: https://gerrit.libreoffice.org/40940 Tested-by: Jenkins <[email protected]> Reviewed-by: Markus Mohrhard <[email protected]> diff --git a/extensions/source/update/check/download.cxx b/extensions/source/update/check/download.cxx index 43320b51fbdc..3a822dd81c87 100644 --- a/extensions/source/update/check/download.cxx +++ b/extensions/source/update/check/download.cxx @@ -238,6 +238,8 @@ bool curl_run(const OUString& rURL, OutData& out, const OString& aProxyHost, sal // enable redirection curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1); + // only allow redirect to http:// and https:// + curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); // write function curl_easy_setopt(pCURL, CURLOPT_WRITEDATA, &out); _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
