Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

hardened the restriction to image loading to avoid external resources in RSTextBrowser

Browse Source
This commit is contained in:
csoler 2016-01-13 00:08:27 -05:00
parent d55993d1e4
commit 2a8fc7fe01
1 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
retroshare-gui/src/gui/common/RSTextBrowser.cpp
View File

@ -74,17 +74,32 @@ void RSTextBrowser::paintEvent(QPaintEvent *event)
QVariant RSTextBrowser::loadResource(int type, const QUrl &name)
{
std::cerr << "TEXTBROWSER loading ressource: type=" << type << " url=" << name.toString().toStdString() << std::endl;
std::cerr << "TEXTBROWSER: load ressource request: type=" << type << " scheme=" << name.scheme().toStdString() << ", url=" << name.toString().toStdString() << std::endl;
// case 1: always trust the image if it comes from an internal resource
if (mShowImages || type != QTextDocument::ImageResource || name.scheme().compare("data", Qt::CaseInsensitive) != 0) {
return QTextBrowser::loadResource(type, name);
}
if(name.scheme().compare("qrc",Qt::CaseInsensitive)==0 && type == QTextDocument::ImageResource)
{
std::cerr << "loading because it's qrc..." << std::endl;
return QTextBrowser::loadResource(type, name);
}
// case 2: only display if the ser allows it
if(name.scheme().compare("data",Qt::CaseInsensitive)==0 && mShowImages)
{
std::cerr << "loading because it's data and mShowImages is true..." << std::endl;
return QTextBrowser::loadResource(type, name);
}
// case 3: otherwise, do not display
std::cerr << "not loading " << std::endl;
if (mImageBlockWidget)
mImageBlockWidget->show();
if (mImageBlockWidget) {
mImageBlockWidget->show();
}
return QPixmap(":/trolltech/styles/commonstyle/images/file-16.png");
return QPixmap(":/trolltech/styles/commonstyle/images/file-16.png");
}
void RSTextBrowser::setImageBlockWidget(RSImageBlockWidget *widget)