void AccountSettings::slotOpenOC()
{
- if (_OCUrl.isValid())
- QDesktopServices::openUrl(_OCUrl);
+ if (_OCUrl.isValid()) {
+ Utility::openBrowser(_OCUrl);
+ }
}
void AccountSettings::slotUpdateQuota(qint64 total, qint64 used)
#include "theme.h"
#include "networkjobs.h"
#include "configfile.h"
+#include "guiutility.h"
namespace OCC {
{
case actionOpenBrowser:
// Try to open Browser
- if (!QDesktopServices::openUrl(authorisationLink())) {
+ if (!Utility::openBrowser(authorisationLink())) {
// We cannot open the browser, then we claim we don't support Flow2Auth.
// Our UI callee will ask the user to copy and open the link.
emit result(NotSupported);
#include "theme.h"
#include "networkjobs.h"
#include "creds/httpcredentials.h"
+#include "guiutility.h"
namespace OCC {
bool OAuth::openBrowser()
{
- if (!QDesktopServices::openUrl(authorisationLink())) {
+ if (!Utility::openBrowser(authorisationLink())) {
// We cannot open the browser, then we claim we don't support OAuth.
emit result(NotSupported, QString());
return false;
#include <QUrlQuery>
#include "common/asserts.h"
-
using namespace OCC;
Q_LOGGING_CATEGORY(lcUtility, "nextcloud.gui.utility", QtInfoMsg)
bool Utility::openBrowser(const QUrl &url, QWidget *errorWidgetParent)
{
+ const QStringList allowedUrlSchemes = {
+ "http",
+ "https",
+ "oauthtest"
+ };
+
+ if (!allowedUrlSchemes.contains(url.scheme())) {
+ qCWarning(lcUtility) << "URL format is not supported, or it has been compromised for:" << url.toString();
+ return false;
+ }
+
if (!QDesktopServices::openUrl(url)) {
if (errorWidgetParent) {
QMessageBox::warning(
#include "accountmanager.h"
#include "common/syncjournalfilerecord.h"
#include "creds/abstractcredentials.h"
+#include "guiutility.h"
#ifdef WITH_LIBCLOUDPROVIDERS
#include "cloudproviders/cloudprovidermanager.h"
#endif
void ownCloudGui::slotOpenOwnCloud()
{
if (auto account = qvariant_cast<AccountPtr>(sender()->property(propertyAccountC))) {
- QDesktopServices::openUrl(account->url());
+ Utility::openBrowser(account->url());
}
}
auto url = QUrl(data.value("url").toString());
if(!url.isEmpty())
- Utility::openBrowser(url, nullptr);
+ Utility::openBrowser(url);
});
job->start();
}
void OCC::SocketApi::openPrivateLink(const QString &link)
{
- Utility::openBrowser(link, nullptr);
+ Utility::openBrowser(link);
}
void SocketApi::command_GET_STRINGS(const QString &argument, SocketListener *listener)
#include "iconjob.h"
#include "accessmanager.h"
#include "owncloudgui.h"
+#include "guiutility.h"
#include "ActivityData.h"
#include "ActivityListModel.h"
QDesktopServices::openUrl(path);
} else {
const auto link = data(modelIndex, LinkRole).toUrl();
- QDesktopServices::openUrl(link);
+ Utility::openBrowser(link);
}
}
const auto action = activity._links[actionIndex];
if (action._verb == "WEB") {
- QDesktopServices::openUrl(QUrl(action._link));
+ Utility::openBrowser(QUrl(action._link));
return;
}
#include "configfile.h"
#include "notificationconfirmjob.h"
#include "logger.h"
+#include "guiutility.h"
#include <QDesktopServices>
#include <QIcon>
const auto talkApp = currentUser()->talkApp();
if (talkApp) {
- QDesktopServices::openUrl(talkApp->url());
+ Utility::openBrowser(talkApp->url());
} else {
qCWarning(lcActivity) << "The Talk app is not enabled on" << currentUser()->server();
}
return;
QString url = _users[_currentUserId]->server(false);
- if (!(url.contains("http://") || url.contains("https://"))) {
+ if (!url.startsWith("http://") && !url.startsWith("https://")) {
url = "https://" + _users[_currentUserId]->server(false);
}
- QDesktopServices::openUrl(QUrl(url));
+
+ QDesktopServices::openUrl(url);
}
Q_INVOKABLE void UserModel::switchCurrentUser(const int &id)
void UserAppsModel::openAppUrl(const QUrl &url)
{
- QDesktopServices::openUrl(url);
+ Utility::openBrowser(url);
}
int UserAppsModel::rowCount(const QModelIndex &parent) const
#include <QDir>
#include <QUrl>
+#include "guiutility.h"
#include "wizard/owncloudwizardresultpage.h"
#include "wizard/owncloudwizardcommon.h"
#include "theme.h"
{
Theme *theme = Theme::instance();
QUrl url = QUrl(field("OCUrl").toString() + theme->wizardUrlPostfix());
- QDesktopServices::openUrl(url);
+ Utility::openBrowser(url);
}
} // namespace OCC
#include <QWebEngineCertificateError>
#include <QMessageBox>
+#include "guiutility.h"
#include "common/utility.h"
namespace OCC {
{
Q_UNUSED(type);
Q_UNUSED(isMainFrame);
- QDesktopServices::openUrl(url);
+ Utility::openBrowser(url);
return false;
}
projects / nextcloud-desktop.git / commitdiff