room-history: Remove open action for files

Some files could contain malicious code. E.g. htm/html files can contain
an exploit to take over a web browser. This makes it a little bit harder
to open a file by mistake.

Note: this resolves a security issue that was identified by the security
audit.

Part-of: <https://gitlab.gnome.org/GNOME/fractal/-/merge_requests/1153>
This commit is contained in:
Julian Sparber 2022-09-13 22:37:39 +02:00 committed by Marge Bot
parent 99911c3fcf
commit 9604fb9bd0
2 changed files with 7 additions and 81 deletions


@ -13,28 +13,15 @@
</object>
</child>
<child>
<object class="GtkBox">
<property name="visible" bind-source="ContentMessageFile" bind-property="compact" bind-flags="sync-create | invert-boolean"/>
<child>
<object class="GtkButton" id="open">
<property name="icon-name">document-open-symbolic</property>
<property name="tooltip-text" translatable="yes">Open</property>
<property name="action-name">event.file-open</property>
</object>
</child>
<child>
<object class="GtkButton" id="save">
<property name="icon-name">document-save-symbolic</property>
<property name="tooltip-text" translatable="yes">Save</property>
<property name="action-name">event.file-save</property>
</object>
</child>
<style>
<class name="linked"/>
</style>
<object class="GtkButton" id="save">
<property name="visible" bind-source="ContentMessageFile" bind-property="compact" bind-flags="sync-create | invert-boolean"/>
<property name="icon-name">document-save-symbolic</property>
<property name="tooltip-text" translatable="yes">Save</property>
<property name="action-name">event.file-save</property>
</object>
</child>
</object>
</child>
</template>
</interface>


@ -10,9 +10,7 @@ use crate::{
event_source_dialog::EventSourceDialog,
room::{Event, RoomAction, SupportedEvent},
},
spawn, spawn_tokio, toast,
utils::cache_dir,
UserFacingError, Window,
spawn, spawn_tokio, toast, UserFacingError, Window,
};
// This is only save because the trait `EventActions` can
@ -184,15 +182,6 @@ where
widget.save_event_file(event);
})
);
// Open message's file
gtk_macros::action!(
&action_group,
"file-open",
clone!(@weak self as widget, @weak event => move |_, _| {
widget.open_event_file(event);
})
);
}
MessageType::Emote(message) => {
gtk_macros::action!(
@ -290,54 +279,4 @@ where
})
);
}
/// Open the file in `event`.
///
/// See [`SupportedEvent::get_media_content()`] for compatible events.
/// Panics on an incompatible event.
fn open_event_file(&self, event: SupportedEvent) {
spawn!(
glib::PRIORITY_LOW,
clone!(@weak self as obj => async move {
let (uid, filename, data) = match event.get_media_content().await {
Ok(res) => res,
Err(err) => {
error!("Could not get file: {}", err);
toast!(obj, err.to_user_facing());
return;
}
};
let mut path = cache_dir();
path.push(uid);
if !path.exists() {
let dir = gio::File::for_path(path.clone());
dir.make_directory_with_parents(gio::Cancellable::NONE)
.unwrap();
}
path.push(filename);
let file = gio::File::for_path(path);
file.replace_contents(
&data,
None,
false,
gio::FileCreateFlags::REPLACE_DESTINATION,
gio::Cancellable::NONE,
)
.unwrap();
if let Err(error) = gio::AppInfo::launch_default_for_uri_future(
&file.uri(),
gio::AppLaunchContext::NONE,
)
.await
{
error!("Error opening file '{}': {}", file.uri(), error);
}
})
);
}
}
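Review bot: Nothing in the remaining code records why the `file-open` action is absent, so a later change could re-add it without knowing about the audit finding. A short comment above the surviving `file-save` registration in the second hunk would help, for example `// No "file-open" action on purpose: launching the default handler for a received file was removed after the security audit.` The match arm that registers these actions starts outside the hunk. Separately, the removed `open_event_file` wrote attachments under `cache_dir()` in a per-`uid` directory, and this commit does not appear to clean up files that earlier versions left there. Whether anything else clears that directory is not visible here, so it is worth confirming.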