summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--officecfg/registry/schema/org/openoffice/Office/Common.xcs125
-rw-r--r--sfx2/source/doc/docmacromode.cxx56
2 files changed, 180 insertions, 1 deletions
diff --git a/officecfg/registry/schema/org/openoffice/Office/Common.xcs b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
index fb627eba4317..8c9add931d14 100644
--- a/officecfg/registry/schema/org/openoffice/Office/Common.xcs
+++ b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
@@ -2707,6 +2707,131 @@
<desc>List with trusted authors.</desc>
</info>
</set>
+ <group oor:name="WindowsSecurityZone">
+ <info>
+ <desc>Contains security settings regarding Basic scripts.</desc>
+ </info>
+ <prop oor:name="ZoneLocal" oor:type="xs:int" oor:nillable="false">
+ <info>
+ <desc>Action needed for opening document with macro with Windows zone
+ identifier URLZONE_LOCAL_MACHINE (0, local machine).</desc>
+ </info>
+ <constraints>
+ <enumeration oor:value="0">
+ <info>
+ <desc>Ask</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="1">
+ <info>
+ <desc>Allow</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="2">
+ <info>
+ <desc>Deny</desc>
+ </info>
+ </enumeration>
+ </constraints>
+ <value>0</value>
+ </prop>
+ <prop oor:name="ZoneIntranet" oor:type="xs:int" oor:nillable="false">
+ <info>
+ <desc>Action needed for opening document with macro with Windows zone
+ identifier URLZONE_INTRANET (1, local machine).</desc>
+ </info>
+ <constraints>
+ <enumeration oor:value="0">
+ <info>
+ <desc>Ask</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="1">
+ <info>
+ <desc>Allow</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="2">
+ <info>
+ <desc>Deny</desc>
+ </info>
+ </enumeration>
+ </constraints>
+ <value>0</value>
+ </prop>
+ <prop oor:name="ZoneTrusted" oor:type="xs:int" oor:nillable="false">
+ <info>
+ <desc>Action needed for opening document with macro with Windows zone
+ identifier URLZONE_TRUSTED (2, trusted).</desc>
+ </info>
+ <constraints>
+ <enumeration oor:value="0">
+ <info>
+ <desc>Ask</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="1">
+ <info>
+ <desc>Allow</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="2">
+ <info>
+ <desc>Deny</desc>
+ </info>
+ </enumeration>
+ </constraints>
+ <value>0</value>
+ </prop>
+ <prop oor:name="ZoneInternet" oor:type="xs:int" oor:nillable="false">
+ <info>
+ <desc>Action needed for opening document with macro with Windows zone
+ identifier URLZONE_INTERNET (3, internet).</desc>
+ </info>
+ <constraints>
+ <enumeration oor:value="0">
+ <info>
+ <desc>Ask</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="1">
+ <info>
+ <desc>Allow</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="2">
+ <info>
+ <desc>Deny</desc>
+ </info>
+ </enumeration>
+ </constraints>
+ <value>2</value>
+ </prop>
+ <prop oor:name="ZoneUntrusted" oor:type="xs:int" oor:nillable="false">
+ <info>
+ <desc>Action needed for opening document with macro with Windows zone
+ identifier URLZONE_UNTRUSTED (3, untrusted source).</desc>
+ </info>
+ <constraints>
+ <enumeration oor:value="0">
+ <info>
+ <desc>Ask</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="1">
+ <info>
+ <desc>Allow</desc>
+ </info>
+ </enumeration>
+ <enumeration oor:value="2">
+ <info>
+ <desc>Deny</desc>
+ </info>
+ </enumeration>
+ </constraints>
+ <value>2</value>
+ </prop>
+ </group>
</group>
</group>
<group oor:name="View">
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index ea0d46babdfa..58edfba428c9 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -38,6 +38,10 @@
#include <tools/diagnose_ex.h>
#include <tools/urlobj.hxx>
+#if defined(_WIN32)
+#include <systools/win32/comtools.hxx>
+#include <urlmon.h>
+#endif
namespace sfx2
{
@@ -286,7 +290,57 @@ namespace sfx2
}
}
- // conformation is required
+#if defined(_WIN32)
+ // Windows specific: try to decide macros loading depending on Windows Security Zones
+ // (file is local, or it was downloaded from internet, etc)
+ OUString sURL(m_xData->m_rDocumentAccess.getDocumentLocation());
+ sal::systools::COMReference<IZoneIdentifier> pZoneId;
+ auto e1 = CoCreateInstance(
+ CLSID_PersistentZoneIdentifier, nullptr, CLSCTX_ALL, IID_PPV_ARGS(&pZoneId));
+ if (FAILED(e1))
+ return disallowMacroExecution();
+ sal::systools::COMReference<IPersistFile> pPersist(pZoneId.QueryInterface<IPersistFile>(IID_IPersistFile));
+ DWORD dwZone;
+ OUString sFilePath;
+ osl::FileBase::getSystemPathFromFileURL(sURL, sFilePath);
+ if (SUCCEEDED(pPersist->Load(reinterpret_cast<LPCOLESTR>(sFilePath.getStr()), STGM_READ)) &&
+ SUCCEEDED(pZoneId->GetId(&dwZone))) {
+ // We got zone id
+ sal_Int32 nAction = 0;
+ switch (dwZone) {
+ case 0:
+ nAction = officecfg::Office::Common::Security::Scripting::WindowsSecurityZone::ZoneLocal::get();
+ break;
+ case 1:
+ nAction = officecfg::Office::Common::Security::Scripting::WindowsSecurityZone::ZoneIntranet::get();
+ break;
+ case 2:
+ nAction = officecfg::Office::Common::Security::Scripting::WindowsSecurityZone::ZoneTrusted::get();
+ break;
+ case 3:
+ nAction = officecfg::Office::Common::Security::Scripting::WindowsSecurityZone::ZoneInternet::get();
+ break;
+ case 4:
+ nAction = officecfg::Office::Common::Security::Scripting::WindowsSecurityZone::ZoneUntrusted::get();
+ break;
+ default:
+ nAction = 0;
+ break;
+ }
+ switch (nAction)
+ {
+ case 0: // Ask
+ break;
+ case 1: // Allow
+ return allowMacroExecution();
+ default:
+ [[fallthrough]];
+ case 2: // Deny
+ return disallowMacroExecution();
+ }
+ }
+#endif
+ // confirmation is required
bool bSecure = false;
if ( eAutoConfirm == eNoAutoConfirm )
generated by cgit (git 2.34.1) at 2024-04-28 15:43:00 +0000