diff options
author | Marvin W <git@larma.de> | 2019-12-26 15:39:12 +0100 |
---|---|---|
committer | Marvin W <git@larma.de> | 2019-12-26 15:46:58 +0100 |
commit | 4a3cef89fd7ebf15bfc6a108ac31f36e469cf80a (patch) | |
tree | adae57233724f4bda367fe1f17885bda1dfc0c24 /plugins | |
parent | 7d1497a549892f97ef28bd9e1f5cc65df2f30635 (diff) | |
download | dino-4a3cef89fd7ebf15bfc6a108ac31f36e469cf80a.tar.gz dino-4a3cef89fd7ebf15bfc6a108ac31f36e469cf80a.zip |
Don't allow newlines in URLs, also clean up on http file transfer detection
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/http-files/src/file_provider.vala | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/plugins/http-files/src/file_provider.vala b/plugins/http-files/src/file_provider.vala index 2ce8d96b..a025e37b 100644 --- a/plugins/http-files/src/file_provider.vala +++ b/plugins/http-files/src/file_provider.vala @@ -10,8 +10,8 @@ public class FileProvider : Dino.FileProvider, Object { private StreamInteractor stream_interactor; private Dino.Database dino_db; - private Regex url_regex = /^(?i)\b((?:[a-z][\w-]+:(?:\/{1,3}|[a-z0-9%])|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}\/)(?:[^\s()<>]+|\(([^\s()<>]+|(\([^\s()<>]+\)))*\))+(?:\(([^\s()<>]+|(\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:'".,<>?«»“”‘’]))$/; - private Regex omemo_url_regex = /^aesgcm:\/\/(.*)#(([A-Fa-f0-9]{2}){48}|([A-Fa-f0-9]{2}){44})$/; + private static Regex http_url_regex = /^https?:\/\/([^\s#]*)$/; // Spaces are invalid in URLs and we can't use fragments for downloads + private static Regex omemo_url_regex = /^aesgcm:\/\/(.*)#(([A-Fa-f0-9]{2}){48}|([A-Fa-f0-9]{2}){44})$/; public FileProvider(StreamInteractor stream_interactor, Dino.Database dino_db) { this.stream_interactor = stream_interactor; @@ -35,15 +35,11 @@ public class FileProvider : Dino.FileProvider, Object { } public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) { - if (outer.url_regex.match(message.body)) { - string? oob_url = Xmpp.Xep.OutOfBandData.get_url_from_message(stanza); - - bool normal_file = oob_url != null && oob_url == message.body; - bool omemo_file = outer.omemo_url_regex.match(message.body); - - if (normal_file || omemo_file) { - yield outer.on_file_message(message, conversation); - } + string? oob_url = Xmpp.Xep.OutOfBandData.get_url_from_message(stanza); + bool normal_file = oob_url != null && oob_url == message.body && FileProvider.http_url_regex.match(message.body); + bool omemo_file = FileProvider.omemo_url_regex.match(message.body); + if (normal_file || omemo_file) { + yield outer.on_file_message(message, conversation); } return false; } |