Age | Commit message (Collapse) | Author |
|
Change-Id: I1285c4e47ad381934adc3aea6671e7c95d820c39
Reviewed-on: https://gerrit.libreoffice.org/8334
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ie80d0c00fe8725e59a6814707c9a4afcb6ac09b5
|
|
Change-Id: I8df1934c7392ec38918be2a5b986c6ca871f9d15
|
|
Change-Id: I4848bf84615274ad5732223a354fb7a6b845d9a8
|
|
Change-Id: I939160ae72fecbe3d4a60ce755730bd4c38497fb
Reviewed-on: https://gerrit.libreoffice.org/8182
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I8051c0756e0474a5b4f748e0aa15a9922e82ea97
|
|
Change-Id: I7c0af2de872bb0064a2e5cb269fd2a08f228ce3e
|
|
Change-Id: I2f6b40def145ea478403fb566c4b0d57c87c0627
|
|
To replace single-instance com.sun.star.util.PathSettings service,
incorrectly converted in 89b0017b22889af6a8afe28b94c06e7095dc8c6f
Keeping util::PathSettings::create in
sc/source/ui/vba/vbaapplication.cxx because for some reason
util::thePathSettings::get does not work in sc_macros_test
while testing sc/qa/extras/testdocuments/Ranges.xls.
Change-Id: I75b68ae56ac5b58f72416070dba100ab3ab70fe8
|
|
Change-Id: If905b2f3e51adf7e64df9385ede74368acd11771
|
|
Change-Id: I6b560474e38230a0c8b6ba3be0bbffe9e7dcae48
|
|
Change-Id: I512c525029ebd63d261560d27e9f38bbe94f7e10
Reviewed-on: https://gerrit.libreoffice.org/7649
Tested-by: LibreOffice gerrit bot <gerrit@libreoffice.org>
Reviewed-by: Marcos Souza <marcos.souza.org@gmail.com>
Tested-by: Marcos Souza <marcos.souza.org@gmail.com>
|
|
Change-Id: Ie304c66b7a3abb163428fb481c3cca3de2b4379b
|
|
Change-Id: I7020537797b181b0fcbf78de3d7b962b96744895
|
|
Change-Id: Id6f13ba0f51bef17de6b5e200c71dbde06e3ab63
|
|
...to improve diagnosing misuses of boolean expressions in client code (cf.
compilerplugins/clang/implicitboolconversion.cxx). This change should be
transparent to client code.
Missing overloads of insert() for bool have been added to OStringBuffer and
OUStringBuffer (which required dropping one !VALID_CONVERSION check that would
now pick that overload, but would be flagged by
compilerplugins/clang/pointertobool.cxx).
Change-Id: I2d64cd923b8f47bfaa31e753def6515c29a3f8c9
|
|
Change-Id: I6b2f9e04e2232570c8bb9f36252b23a70c5f7525
Reviewed-on: https://gerrit.libreoffice.org/7604
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I9869d9709f28b68ef7b518527175589d80644668
|
|
Change-Id: Ie9951690fa99705d2083e0d1515261f2f99fd97a
|
|
Change-Id: I2733b729fe516c0e857490369d493bb7d8fb7c77
|
|
Change-Id: I00d347a395bc81e31e1575c453e9e7d2d6eb60ed
|
|
Convert code like:
buf.append( static_cast<sal_Unicode>('!') );
to:
buf.append( '!' );
Change-Id: Iacb03a61de65a895540940953b49620677b3d051
|
|
Change-Id: Ia5f104bfd707bcf4e159c78ca2764c861fb0b6d9
|
|
Change-Id: I3547786bf77b8f611bc08d0e52c66ac00e199f13
|
|
Change-Id: I56f38bd786f3a026cb2908f28540dc9c4003af83
|
|
Convert code like
aFilename = OUString::number(nFilePostfixCount) + OUString(".bmp");
to
aFilename = OUString::number(nFilePostfixCount) + ".bmp";
Change-Id: I03f513ad1c8ec8846b2afbdc67ab12525ed07e50
|
|
Change-Id: Ifeecd82f98f9be9f90d293a7b68691f91d7bbc34
|
|
Change-Id: I00a8e794189d17ad91a90beb9ce6cb89b7bab2aa
|
|
Change-Id: If4588034fc09e4663b5217669c71f26c0a3b8c8a
|
|
Change-Id: If00ae920eb74dfe67a8654bb092879997f37ccc1
|
|
...and utl::ConfigItem::IsValidConfigMgr is always true.
Change-Id: I37e295729c3d0ae12719f0ae6f5a5628c58d0b9f
|
|
change code like
aStr = OUString("xxxx");
to
aStr = "xxxx";
Change-Id: Ib981a5cc735677ec5dba76ef9279a107d22e99d4
|
|
Change-Id: I56c1190c93333636981acf2dd271515170a8a904
|
|
Change-Id: I9058044d13f696e07667dce706f6c311af6dbea0
|
|
...post 24cad6a6490b245bd88ec3e3c87195628914f6a2 "Move MediaDescriptor from
comphelper to unotools."
Change-Id: I71b4f4e1c1b68c3281f77dc15a2df30bfbf7e587
|
|
For now, this checks for a trusted referer (if the BlockUntrustedRefererLinks
configuration prop is set) in utl::MediaDescriptor::impl_openStreamWithURL and
SvxBrushItem::GetGraphicObject. Checking in additional places will probably be
necessary to block /all/ unwanted communication. Also, some places marked
/*TODO?*/ currently pass in an empty referer (which is always considered
trusted) and will probably need to be adapted.
Ideally, Referer URIs would never be empty (and consistently use something like
<private:user> for cases where access is explicitly initiated by the user and
should never be blocked), but that's a very daunting task, so start small by
identifying the places that potentially need blocking and adding appropriate
Referer URIs there. Also, Referer information should always be computed as
freshly as possible from the context in which an access attempt is made, but,
again, always carrying the information from the context all the way to the
relevant functions is a very daunting task, so for now store the information
upon object instantiation in some cases (SvxBrushItem, SdrGrafObj, ...).
The Referer URI (css.document.MediaDescriptor property; SID_REFERER) was already
used to track macro execution, and there is one place in
SfxApplication::OpenDocExec_Impl where opening of hyperlinks (explicitly clicked
by the user) is done that needs the current document's URI as Referer to check
execution of macro URIs but needs an empty (or <private:user>, see above)
Referer to not block non-macro URIs. Special code has been added there to
handle that.
Change-Id: Iafbdc07a9fe925d9ee580d4f5778448f18f2ebd9
|
|
...so it will be able to use SvtSecurityOptions internally.
Change-Id: Id7433247e8fc53651935578510bedbcca5aa2ac9
|
|
Change-Id: Id2f2a3dafc3bb7ec6fada6bfda5843348dfac5a1
|
|
Change-Id: Ibf04062ca86ed866202d748c3b62a210d30ed6ec
|
|
Change-Id: Ib97256e3c00db61e53998571114dab5d74ce18be
|
|
Convert code like
aStr.compareToAscii("XXX") == 0
to
aStr.equalsAscii("XXX")
which is both easier to read and faster.
Change-Id: I448abf58f2fa0e7715dba53f8e8825ca0587c83f
|
|
Convert code like:
0 == aStr.compareToAscii("XXX")
to
aStr.equalsAscii("XXX")
which is both clearer and faster.
Change-Id: I2e906d7d38494db38eb292702fadb781b1251e07
|
|
Change-Id: Ibcf4b7d9d11295c7679637a37d41dc2960e04f8f
|
|
...to not use WildCard (in case a trusted location URI already contains an
unescaped "*"), be specific about matching only past a final "/", and rename to
isSecureMacroUri for clarification.
The check with an INET_PROT_NOT_VALID default INetURLObject in
SfxApplication::OpenDocExec_Impl ("we have to check the referer before
executing") had efficiently been dead since its inception in
14237ac4bf497decdde8b742acea23780833ba12 "#90880#: security checks corrected,"
as INET_PROT_NOT_VALID is considered secure regardless of referer anyway.
Change-Id: I03bca5e6dac89bb2aac52909aff273ea640228d8
|
|
Change-Id: Iad166e6b9ce0877200bd58c388b3914b15167196
|
|
Convert code like:
if( aStr == OUString("xxxx") )
to this:
if( aStr == "xxxx" )
Change-Id: I8d201f048477731eff590fb988259ef0935c080c
|
|
This is both an optimisation and a cleanup.
This converts code like
aStr.indexOf("XX") == 0
to
aStr.startsWith("XX")
and converts code like
aStr.lastIndexOf("XXX") == aStr.getLength() - 3
to
aStr.endsWith("XXX")
Note that in general
aStr.lastIndexOf("X") == aStr.getLength() - 1
converts to
aStr.isEmpty() || aStr.endsWith("X")
so I used the surrounding context to determine if aStr could be empty
when modifying the code.
Change-Id: I22cb8ca7c2a4d0288b001f72adb27fd63af87669
|
|
Change-Id: Idf4bee8c51e3082d2b815d9cf5c3d7374e598622
|
|
Convert places that call
aStr[aStr.getLength()-1] == 'x'
to use the shorter form
aStr.endsWith("x")
Change-Id: I1b3a19c0e89b8989cdbeed440f95fc76f9a4b6b6
|
|
They are practically always useless, often misleading or obsolete.
Change-Id: I2d32182a31349c9fb3b982498fd22d93e84c0c0c
|