YGGverse/Yoda
1
0
Fork 0
mirror of https://github.com/YGGverse/Yoda.git synced 2026-04-02 17:45:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

disable external redirections by default

Browse source
This commit is contained in:
yggverse 2025-03-15 23:10:15 +02:00
parent 1fa155e2d1
commit 7ad322e06e
1 changed files with 24 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

37
src/app/browser/window/tab/item/client/driver/gemini.rs
View file

@ -12,7 +12,7 @@ use gtk::{
gdk_pixbuf::Pixbuf, gdk_pixbuf::Pixbuf,
gio::{Cancellable, SocketClientEvent}, gio::{Cancellable, SocketClientEvent},
glib::{Priority, Uri}, glib::{Priority, Uri},
prelude::{FileExt, SocketClientExt}, prelude::{ButtonExt, FileExt, SocketClientExt},
}; };
use sourceview::prelude::InputStreamExtManual; use sourceview::prelude::InputStreamExtManual;
use std::{cell::Cell, path::MAIN_SEPARATOR, rc::Rc, time::Duration}; use std::{cell::Cell, path::MAIN_SEPARATOR, rc::Rc, time::Duration};
@ -415,18 +415,29 @@ fn handle(
page.set_progress(0.0); page.set_progress(0.0);
page.set_title(&status.title()); page.set_title(&status.title());
redirects.replace(0); // reset redirects.replace(0); // reset
/* @TODO can't find that in specification, implement manual confirmation status page: // Disallow external redirection by default as potentially unsafe
// Disallow external redirection by protocol restrictions // even not specified, require follow confirmation @TODO optional
} else if "gemini" != target.scheme() } else if uri.host() != target.host() {
|| uri.port() != target.port() let url = target.to_string();
|| uri.host() != target.host() { let status = page.content.to_status_failure();
let status = page.content.to_status_failure(); status.set_title("External redirection");
status.set_description(Some("External redirects not allowed by protocol specification")); status.set_icon_name(Some("dialog-warning-symbolic"));
page.set_progress(0.0); status.set_description(Some(&url));
page.set_title(&status.title()); status.set_child(Some(&{
redirects.replace(0); // reset let button = gtk::Button::builder()
*/ .css_classes(["suggested-action"])
// Valid .halign(gtk::Align::Center)
.label("Follow")
.build();
button.connect_clicked({
let page = page.clone();
move |_| page.item_action.load.activate(Some(&url), false)
});
button
}));
page.set_progress(0.0);
page.set_title(&status.title());
redirects.replace(0); // reset
} else { } else {
if matches!(redirect, Redirect::Permanent { .. }) { if matches!(redirect, Redirect::Permanent { .. }) {
page.navigation.set_request(&target.to_string()); page.navigation.set_request(&target.to_string());