extensions/source/update/check/download.cxx |    2 ++
 1 file changed, 2 insertions(+)

New commits:
commit 9d1f32a4308c9f699cb52aecc11566afb7d0d3f7
Author: Michael Stahl <mst...@redhat.com>
Date:   Wed Aug 9 17:38:14 2017 +0200

    desktop,extensions: updater: only allow redirects to HTTP/HTTPS
    
    Configure curl to prevent redirects to other protocols.
    
    Change-Id: Ied73b3d9a062ea6e0a1d594f4c12162dffd6c4a7
    (cherry picked from commit bd60bbfbdfbeb2687297e4512ddbea62a394ae67)
    Reviewed-on: https://gerrit.libreoffice.org/40937
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Markus Mohrhard <markus.mohrh...@googlemail.com>

diff --git a/extensions/source/update/check/download.cxx 
b/extensions/source/update/check/download.cxx
index 4b4afea5523d..555b377c845d 100644
--- a/extensions/source/update/check/download.cxx
+++ b/extensions/source/update/check/download.cxx
@@ -238,6 +238,8 @@ bool curl_run(const OUString& rURL, OutData& out, const 
OString& aProxyHost, sal
 
         // enable redirection
         curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1);
+        // only allow redirect to http:// and https://
+        curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | 
CURLPROTO_HTTPS);
 
         // write function
         curl_easy_setopt(pCURL, CURLOPT_WRITEDATA, &out);
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to