From ade2a7128691e1141fd4e3e9179475e24a262b07 Mon Sep 17 00:00:00 2001 From: Marco Martin Date: Thu, 21 Oct 2010 19:02:29 +0000 Subject: [PATCH] check with the authorization manager whether to allow the import of a certain url (unfortunatel doesn't seem to be any way to block local absolute paths :/) svn path=/trunk/KDE/kdebase/runtime/; revision=1188241 --- .../declarative/packageaccessmanager.cpp | 39 +++++++++++++++++-- .../declarative/packageaccessmanager.h | 8 +++- .../packageaccessmanagerfactory.cpp | 8 ++-- .../declarative/packageaccessmanagerfactory.h | 6 ++- 4 files changed, 51 insertions(+), 10 deletions(-) diff --git a/scriptengines/javascript/declarative/packageaccessmanager.cpp b/scriptengines/javascript/declarative/packageaccessmanager.cpp index 302ab1152..fb5b3ecbd 100644 --- a/scriptengines/javascript/declarative/packageaccessmanager.cpp +++ b/scriptengines/javascript/declarative/packageaccessmanager.cpp @@ -19,11 +19,38 @@ #include "packageaccessmanager.h" +#include + #include -PackageAccessManager::PackageAccessManager(const Plasma::Package *package, QObject *parent) +#include "plasmoid/appletauthorization.h" + +class ErrorReply : public QNetworkReply +{ +public: + ErrorReply(QNetworkAccessManager::Operation op, const QNetworkRequest &req) + : QNetworkReply() + { + setError(QNetworkReply::ContentOperationNotPermittedError, "The plasmoid has not been authorized to load remote content"); + setOperation(op); + setRequest(req); + setUrl(req.url()); + } + + qint64 readData(char *data, qint64 maxSize) + { + return 0; + } + + void abort() + { + } +}; + +PackageAccessManager::PackageAccessManager(const Plasma::Package *package, AppletAuthorization *auth, QObject *parent) : KIO::AccessManager(parent), - m_package(package) + m_package(package), + m_auth(auth) { } @@ -32,7 +59,7 @@ PackageAccessManager::~PackageAccessManager() } -QNetworkReply *PackageAccessManager::createRequest(Operation op, const QNetworkRequest &req, QIODevice *outgoingData) +QNetworkReply *PackageAccessManager::createRequest(QNetworkAccessManager::Operation op, const QNetworkRequest &req, QIODevice *outgoingData) { QUrl reqUrl(req.url()); @@ -42,7 +69,11 @@ QNetworkReply *PackageAccessManager::createRequest(Operation op, const QNetworkR reqUrl.setPath(m_package->path()+"/contents/"+reqUrl.path()); request.setUrl(reqUrl); return KIO::AccessManager::createRequest(op, request, outgoingData); - } else { + } else if ((reqUrl.scheme() == "http" && !m_auth->authorizeRequiredExtension("http")) || + ((reqUrl.scheme() == "file" || reqUrl.scheme() == "desktop") && !m_auth->authorizeRequiredExtension("localio")) || + (!m_auth->authorizeRequiredExtension("networkio"))) { + return new ErrorReply(op, req); + }else { return KIO::AccessManager::createRequest(op, req, outgoingData); } } diff --git a/scriptengines/javascript/declarative/packageaccessmanager.h b/scriptengines/javascript/declarative/packageaccessmanager.h index 2d9ec0374..1735a0738 100644 --- a/scriptengines/javascript/declarative/packageaccessmanager.h +++ b/scriptengines/javascript/declarative/packageaccessmanager.h @@ -22,22 +22,26 @@ #include + namespace Plasma { class Package; } +class AppletAuthorization; + class PackageAccessManager : public KIO::AccessManager { public: - PackageAccessManager(const Plasma::Package *package, QObject *parent = 0); + PackageAccessManager(const Plasma::Package *package, AppletAuthorization *auth, QObject *parent = 0); ~PackageAccessManager(); protected: - QNetworkReply *createRequest(Operation op, const QNetworkRequest &req, QIODevice *outgoingData = 0); + QNetworkReply *createRequest(QNetworkAccessManager::Operation op, const QNetworkRequest &req, QIODevice *outgoingData = 0); private: const Plasma::Package *m_package; + AppletAuthorization *m_auth; }; #endif diff --git a/scriptengines/javascript/declarative/packageaccessmanagerfactory.cpp b/scriptengines/javascript/declarative/packageaccessmanagerfactory.cpp index 1031c9e1f..a30a45305 100644 --- a/scriptengines/javascript/declarative/packageaccessmanagerfactory.cpp +++ b/scriptengines/javascript/declarative/packageaccessmanagerfactory.cpp @@ -22,10 +22,12 @@ #include #include "packageaccessmanager.h" +#include "plasmoid/appletauthorization.h" -PackageAccessManagerFactory::PackageAccessManagerFactory(const Plasma::Package *package) +PackageAccessManagerFactory::PackageAccessManagerFactory(const Plasma::Package *package, AppletAuthorization *auth) : QDeclarativeNetworkAccessManagerFactory(), - m_package(package) + m_package(package), + m_auth(auth) { } @@ -35,7 +37,7 @@ PackageAccessManagerFactory::~PackageAccessManagerFactory() QNetworkAccessManager *PackageAccessManagerFactory::create(QObject *parent) { - return new PackageAccessManager(m_package, parent); + return new PackageAccessManager(m_package, m_auth, parent); } diff --git a/scriptengines/javascript/declarative/packageaccessmanagerfactory.h b/scriptengines/javascript/declarative/packageaccessmanagerfactory.h index d382c99d3..8b4ba0d12 100644 --- a/scriptengines/javascript/declarative/packageaccessmanagerfactory.h +++ b/scriptengines/javascript/declarative/packageaccessmanagerfactory.h @@ -22,20 +22,24 @@ #include + namespace Plasma { class Package; } +class AppletAuthorization; + class PackageAccessManagerFactory : public QDeclarativeNetworkAccessManagerFactory { public: - PackageAccessManagerFactory(const Plasma::Package *package); + PackageAccessManagerFactory(const Plasma::Package *package, AppletAuthorization *auth); ~PackageAccessManagerFactory(); QNetworkAccessManager *create(QObject *parent); private: const Plasma::Package *m_package; + AppletAuthorization *m_auth; }; #endif