Check svg URLs before exporting

Change-Id: I3b86b6b82318b0d201c3d7db516664520eb47bed
Reviewed-on: https://gerrit.libreoffice.org/68668
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>

3 files changed, 28 insertions, 7 deletions

diff --git a/filter/source/svg/svgexport.cxx b/filter/source/svg/svgexport.cxx
index c6f9ce9bd015..d5cb95f732ef 100644
--- a/filter/source/svg/svgexport.cxx
+++ b/filter/source/svg/svgexport.cxx
@@ -47,6 +47,7 @@
 #include <comphelper/sequenceashashmap.hxx>
 #include <i18nlangtag/lang.h>
 #include <svl/zforlist.hxx>
+#include <tools/urlobj.hxx>
 #include <unotools/ucbstreamhelper.hxx>
 #include <xmloff/unointerfacetouniqueidentifiermapper.hxx>
 #include <xmloff/nmspmap.hxx>
@@ -1951,13 +1952,18 @@ bool SVGFilter::implExportShape( const Reference< css::drawing::XShape >& rxShap
 
                         if( !aBookmark.isEmpty() )
                         {
-                            mpSVGExport->AddAttribute( XML_NAMESPACE_NONE, "xlink:href", aBookmark);
-                            SvXMLElementExport alinkA( *mpSVGExport, XML_NAMESPACE_NONE, "a", true, true );
-                            mpSVGWriter->WriteMetaFile( aTopLeft, aSize, rMtf,
-                                                        0xffffffff,
-                                                        pElementId,
-                                                        &rxShape,
-                                                        pEmbeddedBitmapsMtf );
+                            INetURLObject aINetURLObject(aBookmark);
+                            if (!aINetURLObject.HasError()
+                                && aINetURLObject.GetProtocol() != INetProtocol::Javascript)
+                            {
+                                mpSVGExport->AddAttribute( XML_NAMESPACE_NONE, "xlink:href", aBookmark);
+                                SvXMLElementExport alinkA( *mpSVGExport, XML_NAMESPACE_NONE, "a", true, true );
+                                mpSVGWriter->WriteMetaFile( aTopLeft, aSize, rMtf,
+                                                            0xffffffff,
+                                                            pElementId,
+                                                            &rxShape,
+                                                            pEmbeddedBitmapsMtf );
+                            }
                         }
                         else
                         {
diff --git a/sd/qa/unit/SVGExportTests.cxx b/sd/qa/unit/SVGExportTests.cxx
index 9afc5cb42a01..400d604e786c 100644
--- a/sd/qa/unit/SVGExportTests.cxx
+++ b/sd/qa/unit/SVGExportTests.cxx
@@ -110,8 +110,23 @@ public:
         assertXPath(svgDoc, MAKE_PATH_STRING( /SVG_SVG/SVG_G[2]/SVG_G/SVG_G/SVG_G/SVG_G/SVG_G[2]/SVG_G/SVG_TEXT/SVG_TSPAN ), "text-decoration", "line-through");
     }
 
+    void testSVGExportJavascriptURL()
+    {
+        executeExport("textbox-link-javascript.odp");
+
+        xmlDocPtr svgDoc = parseXml(maTempFile);
+        CPPUNIT_ASSERT(svgDoc);
+
+        // There should be only one child (no link to javascript url)
+        assertXPathChildren(svgDoc,
+                            MAKE_PATH_STRING(/ SVG_SVG / SVG_G[2] / SVG_G / SVG_G / SVG_G / SVG_G
+                                             / SVG_G[4] / SVG_G),
+                            1);
+    }
+
     CPPUNIT_TEST_SUITE(SdSVGFilterTest);
     CPPUNIT_TEST(testSVGExportTextDecorations);
+    CPPUNIT_TEST(testSVGExportJavascriptURL);
     CPPUNIT_TEST_SUITE_END();
 };
 
diff --git a/sd/qa/unit/data/odp/textbox-link-javascript.odp b/sd/qa/unit/data/odp/textbox-link-javascript.odp
new file mode 100644
index 000000000000..c046cf0c7de5
--- /dev/null
+++ b/sd/qa/unit/data/odp/textbox-link-javascript.odp