diff options
author | Andrey Lihatskiy <alihatskiy@productengine.com> | 2024-05-15 16:35:49 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-15 16:35:49 +0300 |
commit | e49dcb8d0c9f539997effb640e350d9d0689aae6 (patch) | |
tree | 1bf99eaccce6de17c62f13c6595f7f497548dc5c /indra/newview/llcommandhandler.cpp | |
parent | 531cd34f670170ade57f8813fe48012b61a1d3c2 (diff) | |
parent | 5f8a7374b9f18e0112d6749a9c845bd077a81acb (diff) |
Merge pull request #1476 from secondlife/marchcat/x-b-merge
Maint X -> Maint B merge
Diffstat (limited to 'indra/newview/llcommandhandler.cpp')
-rw-r--r-- | indra/newview/llcommandhandler.cpp | 246 |
1 files changed, 123 insertions, 123 deletions
diff --git a/indra/newview/llcommandhandler.cpp b/indra/newview/llcommandhandler.cpp index caa27e530b..4038ae8002 100644 --- a/indra/newview/llcommandhandler.cpp +++ b/indra/newview/llcommandhandler.cpp @@ -7,21 +7,21 @@ * $LicenseInfo:firstyear=2007&license=viewerlgpl$ * Second Life Viewer Source Code * Copyright (C) 2010, Linden Research, Inc. - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; * version 2.1 of the License only. - * + * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. - * + * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * + * * Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA * $/LicenseInfo$ */ @@ -48,81 +48,81 @@ const std::string LLCommandHandler::NAV_TYPE_NAVIGATED = "navigated"; //--------------------------------------------------------------------------- struct LLCommandHandlerInfo { - LLCommandHandler::EUntrustedAccess mUntrustedBrowserAccess; - LLCommandHandler* mHandler; // safe, all of these are static objects + LLCommandHandler::EUntrustedAccess mUntrustedBrowserAccess; + LLCommandHandler* mHandler; // safe, all of these are static objects }; class LLCommandHandlerRegistry { public: - static LLCommandHandlerRegistry& instance(); - void add(const char* cmd, - LLCommandHandler::EUntrustedAccess untrusted_access, - LLCommandHandler* handler); - bool dispatch(const std::string& cmd, - const LLSD& params, - const LLSD& query_map, + static LLCommandHandlerRegistry& instance(); + void add(const char* cmd, + LLCommandHandler::EUntrustedAccess untrusted_access, + LLCommandHandler* handler); + bool dispatch(const std::string& cmd, + const LLSD& params, + const LLSD& query_map, const std::string& grid, - LLMediaCtrl* web, - const std::string& nav_type, - bool trusted_browser); + LLMediaCtrl* web, + const std::string& nav_type, + bool trusted_browser); private: void notifySlurlBlocked(); void notifySlurlThrottled(); - friend LLSD LLCommandDispatcher::enumerate(); - std::map<std::string, LLCommandHandlerInfo> mMap; + friend LLSD LLCommandDispatcher::enumerate(); + std::map<std::string, LLCommandHandlerInfo> mMap; }; -// static +// static LLCommandHandlerRegistry& LLCommandHandlerRegistry::instance() { - // Force this to be initialized on first call, because we're going - // to be adding items to the std::map before main() and we can't - // rely on a global being initialized in the right order. - static LLCommandHandlerRegistry instance; - return instance; + // Force this to be initialized on first call, because we're going + // to be adding items to the std::map before main() and we can't + // rely on a global being initialized in the right order. + static LLCommandHandlerRegistry instance; + return instance; } void LLCommandHandlerRegistry::add(const char* cmd, - LLCommandHandler::EUntrustedAccess untrusted_access, - LLCommandHandler* handler) + LLCommandHandler::EUntrustedAccess untrusted_access, + LLCommandHandler* handler) { - LLCommandHandlerInfo info; - info.mUntrustedBrowserAccess = untrusted_access; - info.mHandler = handler; + LLCommandHandlerInfo info; + info.mUntrustedBrowserAccess = untrusted_access; + info.mHandler = handler; - mMap[cmd] = info; + mMap[cmd] = info; } bool LLCommandHandlerRegistry::dispatch(const std::string& cmd, - const LLSD& params, - const LLSD& query_map, - const std::string& grid, - LLMediaCtrl* web, - const std::string& nav_type, - bool trusted_browser) + const LLSD& params, + const LLSD& query_map, + const std::string& grid, + LLMediaCtrl* web, + const std::string& nav_type, + bool trusted_browser) { - static F64 last_throttle_time = 0.0; - F64 cur_time = 0.0; - std::map<std::string, LLCommandHandlerInfo>::iterator it = mMap.find(cmd); - if (it == mMap.end()) return false; - const LLCommandHandlerInfo& info = it->second; - if (!trusted_browser) - { - switch (info.mUntrustedBrowserAccess) - { - case LLCommandHandler::UNTRUSTED_ALLOW: - // fall through and let the command be handled - break; + static F64 last_throttle_time = 0.0; + F64 cur_time = 0.0; + std::map<std::string, LLCommandHandlerInfo>::iterator it = mMap.find(cmd); + if (it == mMap.end()) return false; + const LLCommandHandlerInfo& info = it->second; + if (!trusted_browser) + { + switch (info.mUntrustedBrowserAccess) + { + case LLCommandHandler::UNTRUSTED_ALLOW: + // fall through and let the command be handled + break; - case LLCommandHandler::UNTRUSTED_BLOCK: - // block request from external browser, but report as - // "handled" because it was well formatted. - LL_WARNS_ONCE("SLURL") << "Blocked SLURL command from untrusted browser" << LL_ENDL; + case LLCommandHandler::UNTRUSTED_BLOCK: + // block request from external browser, but report as + // "handled" because it was well formatted. + LL_WARNS_ONCE("SLURL") << "Blocked SLURL command from untrusted browser" << LL_ENDL; notifySlurlBlocked(); - return true; + return true; case LLCommandHandler::UNTRUSTED_CLICK_ONLY: if (nav_type == LLCommandHandler::NAV_TYPE_CLICKED @@ -134,40 +134,40 @@ bool LLCommandHandlerRegistry::dispatch(const std::string& cmd, notifySlurlBlocked(); return true; - case LLCommandHandler::UNTRUSTED_THROTTLE: - //skip initial request from external browser before STATE_BROWSER_INIT - if (LLStartUp::getStartupState() == STATE_FIRST) - { - return true; - } + case LLCommandHandler::UNTRUSTED_THROTTLE: + //skip initial request from external browser before STATE_BROWSER_INIT + if (LLStartUp::getStartupState() == STATE_FIRST) + { + return true; + } if (!info.mHandler->canHandleUntrusted(params, query_map, web, nav_type)) { LL_WARNS_ONCE("SLURL") << "Blocked SLURL command from untrusted browser" << LL_ENDL; notifySlurlBlocked(); return true; } - // if users actually click on a link, we don't need to throttle it - // (throttling mechanism is used to prevent an avalanche of clicks via - // javascript - if (nav_type == LLCommandHandler::NAV_TYPE_CLICKED) - { - break; - } - cur_time = LLTimer::getElapsedSeconds(); - if (cur_time < last_throttle_time + THROTTLE_PERIOD) - { - // block request from external browser if it happened - // within THROTTLE_PERIOD seconds of the last command - LL_WARNS_ONCE("SLURL") << "Throttled SLURL command from untrusted browser" << LL_ENDL; + // if users actually click on a link, we don't need to throttle it + // (throttling mechanism is used to prevent an avalanche of clicks via + // javascript + if (nav_type == LLCommandHandler::NAV_TYPE_CLICKED) + { + break; + } + cur_time = LLTimer::getElapsedSeconds(); + if (cur_time < last_throttle_time + THROTTLE_PERIOD) + { + // block request from external browser if it happened + // within THROTTLE_PERIOD seconds of the last command + LL_WARNS_ONCE("SLURL") << "Throttled SLURL command from untrusted browser" << LL_ENDL; notifySlurlThrottled(); - return true; - } - last_throttle_time = cur_time; - break; - } - } - if (!info.mHandler) return false; - return info.mHandler->handle(params, query_map, grid, web); + return true; + } + last_throttle_time = cur_time; + break; + } + } + if (!info.mHandler) return false; + return info.mHandler->handle(params, query_map, grid, web); } void LLCommandHandlerRegistry::notifySlurlBlocked() @@ -203,15 +203,15 @@ void LLCommandHandlerRegistry::notifySlurlThrottled() //--------------------------------------------------------------------------- LLCommandHandler::LLCommandHandler(const char* cmd, - EUntrustedAccess untrusted_access) + EUntrustedAccess untrusted_access) { - LLCommandHandlerRegistry::instance().add(cmd, untrusted_access, this); + LLCommandHandlerRegistry::instance().add(cmd, untrusted_access, this); } LLCommandHandler::~LLCommandHandler() { - // Don't care about unregistering these, all the handlers - // should be static objects. + // Don't care about unregistering these, all the handlers + // should be static objects. } //--------------------------------------------------------------------------- @@ -220,67 +220,67 @@ LLCommandHandler::~LLCommandHandler() // static bool LLCommandDispatcher::dispatch(const std::string& cmd, - const LLSD& params, - const LLSD& query_map, - const std::string& grid, - LLMediaCtrl* web, - const std::string& nav_type, - bool trusted_browser) + const LLSD& params, + const LLSD& query_map, + const std::string& grid, + LLMediaCtrl* web, + const std::string& nav_type, + bool trusted_browser) { - return LLCommandHandlerRegistry::instance().dispatch( - cmd, params, query_map, grid, web, nav_type, trusted_browser); + return LLCommandHandlerRegistry::instance().dispatch( + cmd, params, query_map, grid, web, nav_type, trusted_browser); } static std::string lookup(LLCommandHandler::EUntrustedAccess value); LLSD LLCommandDispatcher::enumerate() { - LLSD response; - LLCommandHandlerRegistry& registry(LLCommandHandlerRegistry::instance()); - for (std::map<std::string, LLCommandHandlerInfo>::const_iterator chi(registry.mMap.begin()), - chend(registry.mMap.end()); - chi != chend; ++chi) - { - LLSD info; - info["untrusted"] = chi->second.mUntrustedBrowserAccess; - info["untrusted_str"] = lookup(chi->second.mUntrustedBrowserAccess); - response[chi->first] = info; - } - return response; + LLSD response; + LLCommandHandlerRegistry& registry(LLCommandHandlerRegistry::instance()); + for (std::map<std::string, LLCommandHandlerInfo>::const_iterator chi(registry.mMap.begin()), + chend(registry.mMap.end()); + chi != chend; ++chi) + { + LLSD info; + info["untrusted"] = chi->second.mUntrustedBrowserAccess; + info["untrusted_str"] = lookup(chi->second.mUntrustedBrowserAccess); + response[chi->first] = info; + } + return response; } /*------------------------------ lookup stuff ------------------------------*/ struct symbol_info { - const char* name; - LLCommandHandler::EUntrustedAccess value; + const char* name; + LLCommandHandler::EUntrustedAccess value; }; -#define ent(SYMBOL) \ - { \ - &#SYMBOL[28], /* skip "LLCommandHandler::UNTRUSTED_" prefix */ \ - SYMBOL \ - } +#define ent(SYMBOL) \ + { \ + &#SYMBOL[28], /* skip "LLCommandHandler::UNTRUSTED_" prefix */ \ + SYMBOL \ + } symbol_info symbols[] = { - ent(LLCommandHandler::UNTRUSTED_ALLOW), // allow commands from untrusted browsers - ent(LLCommandHandler::UNTRUSTED_BLOCK), // ignore commands from untrusted browsers + ent(LLCommandHandler::UNTRUSTED_ALLOW), // allow commands from untrusted browsers + ent(LLCommandHandler::UNTRUSTED_BLOCK), // ignore commands from untrusted browsers ent(LLCommandHandler::UNTRUSTED_CLICK_ONLY), // allow untrusted, but only if clicked - ent(LLCommandHandler::UNTRUSTED_THROTTLE) // allow untrusted, but only a few per min. + ent(LLCommandHandler::UNTRUSTED_THROTTLE) // allow untrusted, but only a few per min. }; #undef ent static std::string lookup(LLCommandHandler::EUntrustedAccess value) { - for (symbol_info *sii(symbols), *siend(symbols + (sizeof(symbols)/sizeof(symbols[0]))); - sii != siend; ++sii) - { - if (sii->value == value) - { - return sii->name; - } - } - return STRINGIZE("UNTRUSTED_" << value); + for (symbol_info *sii(symbols), *siend(symbols + (sizeof(symbols)/sizeof(symbols[0]))); + sii != siend; ++sii) + { + if (sii->value == value) + { + return sii->name; + } + } + return STRINGIZE("UNTRUSTED_" << value); } |