diff options
author | Michael Stahl <mstahl@redhat.com> | 2017-08-09 17:38:14 +0200 |
---|---|---|
committer | Markus Mohrhard <markus.mohrhard@googlemail.com> | 2017-08-10 09:51:12 +0200 |
commit | 9d1f32a4308c9f699cb52aecc11566afb7d0d3f7 (patch) | |
tree | e5f0988529c134f852da98b0c7d19173b252c7d8 | |
parent | 9fe457b2765113d42139a4043b6ba64d93107585 (diff) |
desktop,extensions: updater: only allow redirects to HTTP/HTTPS
Configure curl to prevent redirects to other protocols.
Change-Id: Ied73b3d9a062ea6e0a1d594f4c12162dffd6c4a7
(cherry picked from commit bd60bbfbdfbeb2687297e4512ddbea62a394ae67)
Reviewed-on: https://gerrit.libreoffice.org/40937
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Markus Mohrhard <markus.mohrhard@googlemail.com>
-rw-r--r-- | extensions/source/update/check/download.cxx | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/extensions/source/update/check/download.cxx b/extensions/source/update/check/download.cxx index 4b4afea5523d..555b377c845d 100644 --- a/extensions/source/update/check/download.cxx +++ b/extensions/source/update/check/download.cxx @@ -238,6 +238,8 @@ bool curl_run(const OUString& rURL, OutData& out, const OString& aProxyHost, sal // enable redirection curl_easy_setopt(pCURL, CURLOPT_FOLLOWLOCATION, 1); + // only allow redirect to http:// and https:// + curl_easy_setopt(pCURL, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); // write function curl_easy_setopt(pCURL, CURLOPT_WRITEDATA, &out); |