nextcloud-desktop/src/gui/guiutility.cpp
allexzander 013f3cea70 Validate sensitive URLs to onle allow http(s) schemes.
Signed-off-by: allexzander <blackslayer4@gmail.com>
2021-02-09 15:00:35 +02:00

106 lines
3.6 KiB
C++

/*
* Copyright (C) by Christian Kamm <mail@ckamm.de>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "guiutility.h"
#include <QClipboard>
#include <QApplication>
#include <QDesktopServices>
#include <QLoggingCategory>
#include <QMessageBox>
#include <QUrlQuery>
#include "common/asserts.h"
using namespace OCC;
Q_LOGGING_CATEGORY(lcUtility, "nextcloud.gui.utility", QtInfoMsg)
bool Utility::openBrowser(const QUrl &url, QWidget *errorWidgetParent)
{
const QStringList allowedUrlSchemes = {
"http",
"https",
"oauthtest"
};
if (!allowedUrlSchemes.contains(url.scheme())) {
qCWarning(lcUtility) << "URL format is not supported, or it has been compromised for:" << url.toString();
return false;
}
if (!QDesktopServices::openUrl(url)) {
if (errorWidgetParent) {
QMessageBox::warning(
errorWidgetParent,
QCoreApplication::translate("utility", "Could not open browser"),
QCoreApplication::translate("utility",
"There was an error when launching the browser to go to "
"URL %1. Maybe no default browser is configured?")
.arg(url.toString()));
}
qCWarning(lcUtility) << "QDesktopServices::openUrl failed for" << url;
return false;
}
return true;
}
bool Utility::openEmailComposer(const QString &subject, const QString &body, QWidget *errorWidgetParent)
{
QUrl url(QLatin1String("mailto:"));
QUrlQuery query;
query.setQueryItems({ { QLatin1String("subject"), subject },
{ QLatin1String("body"), body } });
url.setQuery(query);
if (!QDesktopServices::openUrl(url)) {
if (errorWidgetParent) {
QMessageBox::warning(
errorWidgetParent,
QCoreApplication::translate("utility", "Could not open email client"),
QCoreApplication::translate("utility",
"There was an error when launching the email client to "
"create a new message. Maybe no default email client is "
"configured?"));
}
qCWarning(lcUtility) << "QDesktopServices::openUrl failed for" << url;
return false;
}
return true;
}
QString Utility::vfsCurrentAvailabilityText(VfsItemAvailability availability)
{
switch(availability) {
case VfsItemAvailability::AlwaysLocal:
return QCoreApplication::translate("utility", "Always available locally");
case VfsItemAvailability::AllHydrated:
return QCoreApplication::translate("utility", "Currently available locally");
case VfsItemAvailability::Mixed:
return QCoreApplication::translate("utility", "Some available online only");
case VfsItemAvailability::AllDehydrated:
case VfsItemAvailability::OnlineOnly:
return QCoreApplication::translate("utility", "Available online only");
}
Q_UNREACHABLE();
}
QString Utility::vfsPinActionText()
{
return QCoreApplication::translate("utility", "Make always available locally");
}
QString Utility::vfsFreeSpaceActionText()
{
return QCoreApplication::translate("utility", "Free up local space");
}