Merge pull request #1143 from csoler/v0.6-SecurityFixes

removed extra links from chat widget, since normal links can be used …
This commit is contained in:
csoler 2018-01-03 20:33:25 +01:00 committed by GitHub
commit 0078b9caf1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1589,10 +1589,9 @@ void ChatWidget::fileHashingFinished(QList<HashedFile> hashedFiles)
RetroShareLink link;
if(mDefaultExtraFileFlags & RS_FILE_REQ_ANONYMOUS_ROUTING)
link = RetroShareLink::createFile(hashedFile.filename, hashedFile.size, QString::fromStdString(hashedFile.hash.toStdString()));
else
link = RetroShareLink::createExtraFile(hashedFile.filename, hashedFile.size, QString::fromStdString(hashedFile.hash.toStdString()),QString::fromStdString(rsPeers->getOwnId().toStdString()));
// We dont use extra links anymore, since files in the extra list can always be accessed using anonymous+encrypted FT.
link = RetroShareLink::createFile(hashedFile.filename, hashedFile.size, QString::fromStdString(hashedFile.hash.toStdString()));
if (hashedFile.flag & HashedFile::Picture) {
message += QString("<img src=\"file:///%1\" width=\"100\" height=\"100\">").arg(hashedFile.filepath);