summaryrefslogtreecommitdiff
path: root/indra/newview/llnearbychatbar.cpp
diff options
context:
space:
mode:
authorMartin Reddy <lynx@lindenlab.com>2009-09-14 17:09:45 +0000
committerMartin Reddy <lynx@lindenlab.com>2009-09-14 17:09:45 +0000
commitcb926640b72afc5f4cad3919222acaefdd090c92 (patch)
tree18e9a3dbf2cde4b310513bf4c970eeb8cf2fa5ea /indra/newview/llnearbychatbar.cpp
parent5f4764c785becf7344f48b02afd764a37b820d4c (diff)
DEV-15182 VWR-5474 SEC-20: re-enabled support for clicking on the
following SLAPP URL types in an untrusted browser: secondlife:///app/agent/... secondlife:///app/group/... secondlife:///app/parcel/... In order to find a compromise between supporting these commands and security concerns over potential griefing vectors, we use a throttling solution when these commands are issued by untrusted web browsers. That is, we only process one command per 15 seconds. This applies to external browsers, like Firefox, as well as the internal SL browser. Notably, we continue to block secondlife:///app/teleport URLs. Reviewed by james.
Diffstat (limited to 'indra/newview/llnearbychatbar.cpp')
-rw-r--r--indra/newview/llnearbychatbar.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/indra/newview/llnearbychatbar.cpp b/indra/newview/llnearbychatbar.cpp
index 764e093bcc..e348189ea9 100644
--- a/indra/newview/llnearbychatbar.cpp
+++ b/indra/newview/llnearbychatbar.cpp
@@ -616,7 +616,7 @@ class LLChatHandler : public LLCommandHandler
{
public:
// not allowed from outside the app
- LLChatHandler() : LLCommandHandler("chat", true) { }
+ LLChatHandler() : LLCommandHandler("chat", UNTRUSTED_BLOCK) { }
// Your code here
bool handle(const LLSD& tokens, const LLSD& query_map,