Use security URL from wxWebViewHandler in wxWebViewIE
Don't use hard-coded 'http://localhost', but use the URL specified in the wxWebViewHandler. By default, the security URL is empty and no modifications are made when parsing a URL. This fixes using JavaScript in pages loaded with a custom protocol, e.g. from wxWebViewFSHandler or wxWebViewArchiveHandler. Closes #17893
This commit is contained in:
Maarten Bent
@@ -1762,27 +1762,25 @@ HRESULT STDMETHODCALLTYPE VirtualProtocol::ParseUrl(
|
|||||||
DWORD dwReserved)
|
DWORD dwReserved)
|
||||||
{
|
{
|
||||||
wxUnusedVar(pwzUrl);
|
wxUnusedVar(pwzUrl);
|
||||||
wxUnusedVar(ParseAction);
|
|
||||||
wxUnusedVar(dwParseFlags);
|
wxUnusedVar(dwParseFlags);
|
||||||
wxUnusedVar(pwzResult);
|
|
||||||
wxUnusedVar(cchResult);
|
|
||||||
wxUnusedVar(pcchResult);
|
|
||||||
wxUnusedVar(dwReserved);
|
wxUnusedVar(dwReserved);
|
||||||
|
|
||||||
|
const size_t secLen = m_handler->GetSecurityURL().length();
|
||||||
|
if ( secLen > 0 )
|
||||||
|
{
|
||||||
switch ( ParseAction )
|
switch ( ParseAction )
|
||||||
{
|
{
|
||||||
case wxPARSE_SECURITY_URL:
|
case wxPARSE_SECURITY_URL:
|
||||||
case wxPARSE_SECURITY_DOMAIN:
|
case wxPARSE_SECURITY_DOMAIN:
|
||||||
{
|
{
|
||||||
const wchar_t Result[] = L"http://localhost";
|
if ( cchResult <= secLen )
|
||||||
size_t Len = wcslen(Result);
|
|
||||||
if(cchResult <= Len)
|
|
||||||
return S_FALSE;
|
return S_FALSE;
|
||||||
wcscpy(pwzResult, Result);
|
wcscpy(pwzResult, m_handler->GetSecurityURL().wc_str());
|
||||||
*pcchResult = Len;
|
*pcchResult = secLen;
|
||||||
return S_OK;
|
return S_OK;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return INET_E_DEFAULT_ACTION;
|
return INET_E_DEFAULT_ACTION;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user