Sakurai/pdf.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rejects incorrect url in download manager

Browse Source
This commit is contained in:
Yury Delendik 2013-07-12 13:36:20 -05:00
parent ef658bf5f1
commit 28778e6c1b
3 changed files with 30 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/annotation.js
View File

@ -16,7 +16,7 @@
*/ */
/* globals Util, isDict, isName, stringToPDFString, TODO, Dict, Stream, /* globals Util, isDict, isName, stringToPDFString, TODO, Dict, Stream,
stringToBytes, PDFJS, isWorker, assert, NotImplementedException, stringToBytes, PDFJS, isWorker, assert, NotImplementedException,
Promise, isArray, ObjectLoader */ Promise, isArray, ObjectLoader, isValidUrl */
'use strict'; 'use strict';
@ -641,24 +641,6 @@ var TextAnnotation = (function TextAnnotationClosure() {
})(); })();
var LinkAnnotation = (function LinkAnnotationClosure() { var LinkAnnotation = (function LinkAnnotationClosure() {
function isValidUrl(url) {
if (!url)
return false;
var colon = url.indexOf(':');
if (colon < 0)
return false;
var protocol = url.substr(0, colon);
switch (protocol) {
case 'http':
case 'https':
case 'ftp':
case 'mailto':
return true;
default:
return false;
}
}
function LinkAnnotation(params) { function LinkAnnotation(params) {
Annotation.call(this, params); Annotation.call(this, params);
@ -676,7 +658,7 @@ var LinkAnnotation = (function LinkAnnotationClosure() {
var url = action.get('URI'); var url = action.get('URI');
// TODO: pdf spec mentions urls can be relative to a Base // TODO: pdf spec mentions urls can be relative to a Base
// entry in the dictionary. // entry in the dictionary.
if (!isValidUrl(url)) { if (!isValidUrl(url, false)) {
url = ''; url = '';
} }
data.url = url; data.url = url;
@ -692,7 +674,7 @@ var LinkAnnotation = (function LinkAnnotationClosure() {
// TODO: pdf reference says that GoToR // TODO: pdf reference says that GoToR
// can also have 'NewWindow' attribute // can also have 'NewWindow' attribute
if (!isValidUrl(url)) { if (!isValidUrl(url, false)) {
url = ''; url = '';
} }
data.url = url; data.url = url;

22
src/util.js
View File

@ -108,6 +108,28 @@ function combineUrl(baseUrl, url) {
} }
} }
// Validates if URL is safe and allowed, e.g. to avoid XSS.
function isValidUrl(url, allowRelative) {
if (!url) {
return false;
}
var colon = url.indexOf(':');
if (colon < 0) {
return allowRelative;
}
var protocol = url.substr(0, colon);
switch (protocol) {
case 'http':
case 'https':
case 'ftp':
case 'mailto':
return true;
default:
return false;
}
}
PDFJS.isValidUrl = isValidUrl;
// In a well-formed PDF, |cond| holds. If it doesn't, subsequent // In a well-formed PDF, |cond| holds. If it doesn't, subsequent
// behavior is undefined. // behavior is undefined.
function assertWellFormed(cond, msg) { function assertWellFormed(cond, msg) {

6
web/download_manager.js
View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
/* globals URL*/ /* globals URL, PDFJS */
'use strict'; 'use strict';
@ -59,6 +59,10 @@ var DownloadManager = (function DownloadManagerClosure() {
DownloadManager.prototype = { DownloadManager.prototype = {
downloadUrl: function DownloadManager_downloadUrl(url, filename) { downloadUrl: function DownloadManager_downloadUrl(url, filename) {
if (!PDFJS.isValidUrl(url, true)) {
return; // restricted/invalid URL
}
download(url + '#pdfjs.action=download', filename); download(url + '#pdfjs.action=download', filename);
}, },