Rebased ref, commits from common ancestor:
commit 64e3aacf59d345ed8f8ccdbdc20c4d5320831a79
Author: Thorsten Behrens <thorsten.behr...@allotropia.de>
AuthorDate: Wed Dec 6 06:33:02 2023 +0100
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Dec 6 10:41:59 2023 +0100
Bump version to 6.4.0.22
Change-Id: Ife20720d3cd9725a5bf40e4f1433261b790231cf
diff --git a/configure.ac b/configure.ac
index 39cc33d13928..ac34e147b005 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ dnl in order to create a configure script.
# several non-alphanumeric characters, those are split off and used only for
the
# ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no
idea.
-AC_INIT([CIB Office],[6.4.0.21],[],[],[https://www.cib.de/office/])
+AC_INIT([CIB Office],[6.4.0.22],[],[],[https://www.cib.de/office/])
dnl libnumbertext needs autoconf 2.68, but that can pick up autoconf268 just
fine if it is installed
dnl whereas aclocal (as run by autogen.sh) insists on using autoconf and fails
hard
commit 847de5dfc3997886035a96b1755c07450ef6dfa9
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Fri Nov 17 08:57:09 2023 +0000
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Dec 6 10:41:59 2023 +0100
we can have just one LoadURL for writer
Change-Id: Ia0162ee1c275292fcf200bad4662e4c2c6b7b972
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159557
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 521ca9cf6acbae96cf95d9740859c9682212013d)
diff --git a/sw/inc/swurl.hxx b/sw/inc/swurl.hxx
index ec88a639a4e9..87375f30c8b7 100644
--- a/sw/inc/swurl.hxx
+++ b/sw/inc/swurl.hxx
@@ -23,7 +23,6 @@
#include <o3tl/typed_flags_set.hxx>
class SwViewShell;
-class SwView;
enum class LoadUrlFlags {
NONE = 0x00,
@@ -36,10 +35,6 @@ namespace o3tl {
void LoadURL( SwViewShell& rSh, const OUString& rName,
LoadUrlFlags nFilter, const OUString& rTargetFrameName );
-void LoadURL( SwView& rView, const OUString& rName,
- LoadUrlFlags nFilter, const OUString& rTargetFrameName );
-
-
#endif
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sw/source/uibase/shells/drwtxtex.cxx
b/sw/source/uibase/shells/drwtxtex.cxx
index 820b131e60b6..0e3ba07c3973 100644
--- a/sw/source/uibase/shells/drwtxtex.cxx
+++ b/sw/source/uibase/shells/drwtxtex.cxx
@@ -545,7 +545,7 @@ void SwDrawTextShell::Execute( SfxRequest &rReq )
const SvxFieldData* pField = pOLV->GetFieldAtCursor();
if (const SvxURLField* pURLField = dynamic_cast<const
SvxURLField*>(pField))
{
- ::LoadURL(GetView(), pURLField->GetURL(), LoadUrlFlags::NONE,
+ ::LoadURL(GetShell(), pURLField->GetURL(), LoadUrlFlags::NONE,
pURLField->GetTargetFrame());
}
}
commit df87d705a49125c5438eba1f14972134acb55960
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 15 21:01:48 2023 +0000
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Dec 6 10:41:59 2023 +0100
combine these hyperlink dispatchers into one call
Conflicts:
sw/source/uibase/shells/drwtxtex.cxx
sw/source/uibase/wrtsh/wrtsh2.cxx
Change-Id: Icb7822e811013de648ccf2fbb23a5f0be9e29bb0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159489
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 0df175ccc6ea542bc5801f631ff72bed187042eb)
diff --git a/sw/inc/swurl.hxx b/sw/inc/swurl.hxx
index 87375f30c8b7..ec88a639a4e9 100644
--- a/sw/inc/swurl.hxx
+++ b/sw/inc/swurl.hxx
@@ -23,6 +23,7 @@
#include <o3tl/typed_flags_set.hxx>
class SwViewShell;
+class SwView;
enum class LoadUrlFlags {
NONE = 0x00,
@@ -35,6 +36,10 @@ namespace o3tl {
void LoadURL( SwViewShell& rSh, const OUString& rName,
LoadUrlFlags nFilter, const OUString& rTargetFrameName );
+void LoadURL( SwView& rView, const OUString& rName,
+ LoadUrlFlags nFilter, const OUString& rTargetFrameName );
+
+
#endif
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sw/source/uibase/shells/drwtxtex.cxx
b/sw/source/uibase/shells/drwtxtex.cxx
index 0e3ba07c3973..820b131e60b6 100644
--- a/sw/source/uibase/shells/drwtxtex.cxx
+++ b/sw/source/uibase/shells/drwtxtex.cxx
@@ -545,7 +545,7 @@ void SwDrawTextShell::Execute( SfxRequest &rReq )
const SvxFieldData* pField = pOLV->GetFieldAtCursor();
if (const SvxURLField* pURLField = dynamic_cast<const
SvxURLField*>(pField))
{
- ::LoadURL(GetShell(), pURLField->GetURL(), LoadUrlFlags::NONE,
+ ::LoadURL(GetView(), pURLField->GetURL(), LoadUrlFlags::NONE,
pURLField->GetTargetFrame());
}
}
diff --git a/sw/source/uibase/wrtsh/wrtsh2.cxx
b/sw/source/uibase/wrtsh/wrtsh2.cxx
index 4b98417ac788..1cb9e1b46861 100644
--- a/sw/source/uibase/wrtsh/wrtsh2.cxx
+++ b/sw/source/uibase/wrtsh/wrtsh2.cxx
@@ -491,9 +491,9 @@ bool SwWrtShell::ClickToINetGrf( const Point& rDocPt,
LoadUrlFlags nFilter )
static void LoadURL(SwView& rView, const OUString& rURL, LoadUrlFlags nFilter,
const OUString& rTargetFrameName)
{
- SwDocShell* pDShell = rSh.GetView().GetDocShell();
+ SwDocShell* pDShell = rView.GetDocShell();
OSL_ENSURE( pDShell, "No DocShell?!");
- SfxViewFrame& rViewFrame = *rSh.GetView().GetViewFrame();
+ SfxViewFrame& rViewFrame = *rView.GetViewFrame();
if (!SfxObjectShell::AllowedLinkProtocolFromDocument(rURL, pDShell,
rViewFrame.GetFrameWeld()))
return;
commit d50a5aff79525c81c98863ecc9cbff40bc91fe9a
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Nov 15 12:55:58 2023 +0000
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Dec 6 10:41:58 2023 +0100
reuse AllowedLinkProtocolFromDocument in writer
Conflicts:
sw/source/uibase/wrtsh/wrtsh2.cxx
Change-Id: Iacf5e313fc6ca5f7d69ca6986a036f0e1ab1f2a0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159488
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 32535dfa82200b54296838b52285c054fbe5e51d)
diff --git a/sw/source/uibase/wrtsh/wrtsh2.cxx
b/sw/source/uibase/wrtsh/wrtsh2.cxx
index 543644d3b997..4b98417ac788 100644
--- a/sw/source/uibase/wrtsh/wrtsh2.cxx
+++ b/sw/source/uibase/wrtsh/wrtsh2.cxx
@@ -491,11 +491,11 @@ bool SwWrtShell::ClickToINetGrf( const Point& rDocPt,
LoadUrlFlags nFilter )
static void LoadURL(SwView& rView, const OUString& rURL, LoadUrlFlags nFilter,
const OUString& rTargetFrameName)
{
- SwDocShell* pDShell = rView.GetDocShell();
+ SwDocShell* pDShell = rSh.GetView().GetDocShell();
OSL_ENSURE( pDShell, "No DocShell?!");
- SfxViewFrame* pViewFrame = rView.GetViewFrame();
+ SfxViewFrame& rViewFrame = *rSh.GetView().GetViewFrame();
- if (!SfxObjectShell::AllowedLinkProtocolFromDocument(rURL, pDShell,
pViewFrame->GetWindow().GetFrameWeld()))
+ if (!SfxObjectShell::AllowedLinkProtocolFromDocument(rURL, pDShell,
rViewFrame.GetFrameWeld()))
return;
// We are doing tiledRendering, let the client handles the URL loading,
@@ -520,7 +520,7 @@ static void LoadURL(SwView& rView, const OUString& rURL,
LoadUrlFlags nFilter,
OUString sReferer;
if( pDShell && pDShell->GetMedium() )
sReferer = pDShell->GetMedium()->GetName();
- SfxFrameItem aView( SID_DOCFRAME, pViewFrame );
+ SfxFrameItem aView( SID_DOCFRAME, &rViewFrame );
SfxStringItem aName( SID_FILE_NAME, rURL );
SfxStringItem aTargetFrameName( SID_TARGETNAME, sTargetFrame );
SfxStringItem aReferer( SID_REFERER, sReferer );
@@ -541,7 +541,7 @@ static void LoadURL(SwView& rView, const OUString& rURL,
LoadUrlFlags nFilter,
nullptr
};
- pViewFrame->GetDispatcher()->GetBindings()->Execute( SID_OPENDOC, aArr,
+ rViewFrame.GetDispatcher()->GetBindings()->Execute( SID_OPENDOC, aArr,
SfxCallMode::ASYNCHRON|SfxCallMode::RECORD );
}
commit ba3cfbbaf0f9cb4e5878e43527eb24107e71f770
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Mon Oct 16 15:21:03 2023 +0100
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Dec 6 10:41:58 2023 +0100
check earlier on loading ole objects if parent doc is untrusted referer
Conflicts:
embeddedobj/source/commonembedding/persistence.cxx
Change-Id: Ib1169d5c40ca87f789c71b48124754e073895fcd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158054
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
(cherry picked from commit 7273de2730022deb37a8c7f2fedbe7fc4551f9b5)
diff --git a/embeddedobj/source/commonembedding/persistence.cxx
b/embeddedobj/source/commonembedding/persistence.cxx
index f5e7bcdd09e4..f5444e16481a 100644
--- a/embeddedobj/source/commonembedding/persistence.cxx
+++ b/embeddedobj/source/commonembedding/persistence.cxx
@@ -51,10 +51,11 @@
#include <comphelper/storagehelper.hxx>
#include <comphelper/mimeconfighelper.hxx>
#include <comphelper/namedvaluecollection.hxx>
+#include <unotools/configmgr.hxx>
+#include <unotools/securityoptions.hxx>
#include <tools/diagnose_ex.h>
#include <sal/log.hxx>
-#include <unotools/configmgr.hxx>
#include "persistence.hxx"
using namespace ::com::sun::star;
@@ -359,20 +360,15 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::InitNewDocument_Impl()
return xDocument;
}
-
uno::Reference< util::XCloseable > OCommonEmbeddedObject::LoadLink_Impl()
{
- uno::Reference< util::XCloseable > xDocument( CreateDocument( m_xContext,
GetDocumentServiceName(),
- m_bEmbeddedScriptSupport,
m_bDocumentRecoverySupport ) );
-
- uno::Reference< frame::XLoadable > xLoadable( xDocument,
uno::UNO_QUERY_THROW );
-
sal_Int32 nLen = 2;
uno::Sequence< beans::PropertyValue > aArgs( nLen );
aArgs[0].Name = "URL";
aArgs[0].Value <<= m_aLinkURL;
aArgs[1].Name = "FilterName";
aArgs[1].Value <<= m_aLinkFilterName;
+
if ( m_bLinkHasPassword )
{
aArgs.realloc( ++nLen );
@@ -383,10 +379,22 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
aArgs.realloc( m_aDocMediaDescriptor.getLength() + nLen );
for ( sal_Int32 nInd = 0; nInd < m_aDocMediaDescriptor.getLength(); nInd++
)
{
+ // return early if this document is not trusted to open links
+ if (m_aDocMediaDescriptor[nInd].Name == "Referer")
+ {
+ OUString referer;
+ m_aDocMediaDescriptor[nInd].Value >>= referer;
+ if (SvtSecurityOptions().isUntrustedReferer(referer))
+ return nullptr;
+ }
aArgs[nInd+nLen].Name = m_aDocMediaDescriptor[nInd].Name;
aArgs[nInd+nLen].Value = m_aDocMediaDescriptor[nInd].Value;
}
+ uno::Reference< util::XCloseable > xDocument( CreateDocument( m_xContext,
GetDocumentServiceName(),
+ m_bEmbeddedScriptSupport,
m_bDocumentRecoverySupport ) );
+ uno::Reference< frame::XLoadable > xLoadable( xDocument,
uno::UNO_QUERY_THROW );
+
try
{
// the document is not really an embedded one, it is a link
@@ -428,7 +436,6 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
}
-
OUString OCommonEmbeddedObject::GetFilterName( sal_Int32 nVersion ) const
{
OUString aFilterName = GetPresetFilterName();
