F15312125
D8551.id20292.diff
No One
Temporary
Size
12 KB
Referenced Files
None
Subscribers
None
D8551.id20292.diff
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1090,6 +1090,7 @@
'PhabricatorApplicationFiles' => 'applications/files/application/PhabricatorApplicationFiles.php',
'PhabricatorApplicationFlags' => 'applications/flag/application/PhabricatorApplicationFlags.php',
'PhabricatorApplicationHarbormaster' => 'applications/harbormaster/application/PhabricatorApplicationHarbormaster.php',
+ 'PhabricatorApplicationHelp' => 'applications/help/application/PhabricatorApplicationHelp.php',
'PhabricatorApplicationHerald' => 'applications/herald/application/PhabricatorApplicationHerald.php',
'PhabricatorApplicationHome' => 'applications/home/application/PhabricatorApplicationHome.php',
'PhabricatorApplicationLaunchView' => 'applications/meta/view/PhabricatorApplicationLaunchView.php',
@@ -1129,6 +1130,7 @@
'PhabricatorApplicationSlowvote' => 'applications/slowvote/application/PhabricatorApplicationSlowvote.php',
'PhabricatorApplicationStatusView' => 'applications/meta/view/PhabricatorApplicationStatusView.php',
'PhabricatorApplicationSubscriptions' => 'applications/subscriptions/application/PhabricatorApplicationSubscriptions.php',
+ 'PhabricatorApplicationSupport' => 'applications/support/application/PhabricatorApplicationSupport.php',
'PhabricatorApplicationSystem' => 'applications/system/application/PhabricatorApplicationSystem.php',
'PhabricatorApplicationTest' => 'applications/base/controller/__tests__/PhabricatorApplicationTest.php',
'PhabricatorApplicationTokens' => 'applications/tokens/application/PhabricatorApplicationTokens.php',
@@ -1569,6 +1571,7 @@
'PhabricatorHash' => 'infrastructure/util/PhabricatorHash.php',
'PhabricatorHashTestCase' => 'infrastructure/util/__tests__/PhabricatorHashTestCase.php',
'PhabricatorHelpController' => 'applications/help/controller/PhabricatorHelpController.php',
+ 'PhabricatorHelpEditorProtocolController' => 'applications/help/controller/PhabricatorHelpEditorProtocolController.php',
'PhabricatorHelpKeyboardShortcutController' => 'applications/help/controller/PhabricatorHelpKeyboardShortcutController.php',
'PhabricatorHomeController' => 'applications/home/controller/PhabricatorHomeController.php',
'PhabricatorHomeMainController' => 'applications/home/controller/PhabricatorHomeMainController.php',
@@ -3751,6 +3754,7 @@
'PhabricatorApplicationFiles' => 'PhabricatorApplication',
'PhabricatorApplicationFlags' => 'PhabricatorApplication',
'PhabricatorApplicationHarbormaster' => 'PhabricatorApplication',
+ 'PhabricatorApplicationHelp' => 'PhabricatorApplication',
'PhabricatorApplicationHerald' => 'PhabricatorApplication',
'PhabricatorApplicationHome' => 'PhabricatorApplication',
'PhabricatorApplicationLaunchView' => 'AphrontView',
@@ -3788,6 +3792,7 @@
'PhabricatorApplicationSlowvote' => 'PhabricatorApplication',
'PhabricatorApplicationStatusView' => 'AphrontView',
'PhabricatorApplicationSubscriptions' => 'PhabricatorApplication',
+ 'PhabricatorApplicationSupport' => 'PhabricatorApplication',
'PhabricatorApplicationSystem' => 'PhabricatorApplication',
'PhabricatorApplicationTest' => 'PhabricatorApplication',
'PhabricatorApplicationTokens' => 'PhabricatorApplication',
@@ -4315,6 +4320,7 @@
'PhabricatorHarbormasterConfigOptions' => 'PhabricatorApplicationConfigOptions',
'PhabricatorHashTestCase' => 'PhabricatorTestCase',
'PhabricatorHelpController' => 'PhabricatorController',
+ 'PhabricatorHelpEditorProtocolController' => 'PhabricatorHelpController',
'PhabricatorHelpKeyboardShortcutController' => 'PhabricatorHelpController',
'PhabricatorHomeController' => 'PhabricatorController',
'PhabricatorHomeMainController' => 'PhabricatorHomeController',
diff --git a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
@@ -23,9 +23,6 @@
'' => 'DarkConsoleController',
'data/(?P<key>[^/]+)/' => 'DarkConsoleDataController',
),
- '/help/' => array(
- 'keyboardshortcut/' => 'PhabricatorHelpKeyboardShortcutController',
- ),
);
}
diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -126,6 +126,40 @@
->addExample(
'{"http": true, "https": true"}', pht('Valid Setting'))
->setLocked(true),
+ $this->newOption(
+ 'uri.allowed-editor-protocols',
+ 'set',
+ array(
+ 'http' => true,
+ 'https' => true,
+
+ // This handler is installed by Textmate.
+ 'txmt' => true,
+
+ // This handler is for MacVim.
+ 'mvim' => true,
+
+ // Unofficial handler for Vim.
+ 'vim' => true,
+
+ // Unofficial handler for Sublime.
+ 'subl' => true,
+
+ // Unofficial handler for Emacs.
+ 'emacs' => true,
+
+ // This isn't a standard handler installed by an application, but
+ // is a reasonable name for a user-installed handler.
+ 'editor' => true,
+ ))
+ ->setSummary(pht('Whitelists editor protocols for "Open in Editor".'))
+ ->setDescription(
+ pht(
+ "Users can configure a URI pattern to open files in a text ".
+ "editor. The URI must use a protocol on this whitelist.\n\n".
+ "(If you use an editor which defines a protocol not on this ".
+ "list, let us know and we'll update the defaults.)"))
+ ->setLocked(true),
$this->newOption(
'celerity.resource-hash',
'string',
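Review bot: The description added for `uri.allowed-editor-protocols` explains how to get a protocol added but not what the list protects against, so an administrator extending it has no guidance on which schemes are unsafe. The value that passes this check is returned as a link target in the PhabricatorUser.php hunk, so any scheme the browser interprets itself would run in the page's context. I would append a sentence to the `pht()` text along the lines of `"Only add protocols that hand off to an external editor; do not add schemes the browser executes itself, such as javascript: or data:."`. The surrounding option list starts and ends outside this hunk.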
diff --git a/src/applications/help/application/PhabricatorApplicationHelp.php b/src/applications/help/application/PhabricatorApplicationHelp.php
new file mode 100644
--- /dev/null
+++ b/src/applications/help/application/PhabricatorApplicationHelp.php
@@ -0,0 +1,22 @@
+<?php
+
+final class PhabricatorApplicationHelp extends PhabricatorApplication {
+
+ public function canUninstall() {
+ return false;
+ }
+
+ public function isUnlisted() {
+ return true;
+ }
+
+ public function getRoutes() {
+ return array(
+ '/help/' => array(
+ 'keyboardshortcut/' => 'PhabricatorHelpKeyboardShortcutController',
+ 'editorprotocol/' => 'PhabricatorHelpEditorProtocolController',
+ ),
+ );
+ }
+
+}
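Review bot: The `'/help/'` => `'keyboardshortcut/'` route returned by `getRoutes()` here is declared a second time by the new `PhabricatorApplicationSupport::getRoutes()` at the end of this diff, so two applications that cannot be uninstalled register the same path. `PhabricatorApplicationSupport` carries no `editorprotocol/` route and looks like an earlier copy of this class; if so it should be dropped from the change along with its two `__phutil_library_map__.php` entries. If both are intended, a comment on one `getRoutes()` saying which application owns `/help/` would avoid the ambiguity.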
diff --git a/src/applications/help/controller/PhabricatorHelpEditorProtocolController.php b/src/applications/help/controller/PhabricatorHelpEditorProtocolController.php
new file mode 100644
--- /dev/null
+++ b/src/applications/help/controller/PhabricatorHelpEditorProtocolController.php
@@ -0,0 +1,52 @@
+<?php
+
+final class PhabricatorHelpEditorProtocolController
+ extends PhabricatorHelpController {
+
+ public function shouldAllowPublic() {
+ return true;
+ }
+
+ public function processRequest() {
+ $request = $this->getRequest();
+ $viewer = $request->getUser();
+
+ $dialog = id(new AphrontDialogView())
+ ->setUser($viewer)
+ ->setMethod('GET')
+ ->setSubmitURI('/settings/panel/display/')
+ ->setTitle(pht('Unsupported Editor Protocol'))
+ ->appendParagraph(
+ pht(
+ 'Your configured editor URI uses an unsupported protocol. Change '.
+ 'your settings to use a supported protocol, or ask your '.
+ 'administrator to add support for the chosen protocol by '.
+ 'configuring: %s',
+ phutil_tag('tt', array(), 'uri.allowed-editor-protocols')))
+ ->addSubmitButton(pht('Change Settings'))
+ ->addCancelButton('/');
+
+ return id(new AphrontDialogResponse())
+ ->setDialog($dialog);
+ }
+
+ public static function hasAllowedProtocol($uri) {
+ $uri = new PhutilURI($uri);
+ $editor_protocol = $uri->getProtocol();
+ if (!$editor_protocol) {
+ // The URI must have a protocol.
+ return false;
+ }
+
+ $allowed_key = 'uri.allowed-editor-protocols';
+ $allowed_protocols = PhabricatorEnv::getEnvConfig($allowed_key);
+ if (empty($allowed_protocols[$editor_protocol])) {
+ // The protocol must be on the allowed protocol whitelist.
+ return false;
+ }
+
+ return true;
+ }
+
+
+}
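Review bot: `hasAllowedProtocol()` looks the scheme up with a case-sensitive array key (`$allowed_protocols[$editor_protocol]`), while URI schemes are case-insensitive, so unless `PhutilURI` already normalizes the scheme a pattern such as `TXMT://...` is rejected even though `txmt` is allowed. That fails closed, so it is a usability problem rather than a bypass, but I would make it explicit with `$editor_protocol = strtolower($uri->getProtocol());`. The method is also the only gate in front of editor links and has no docblock; a short one stating that it returns false for a URI with no protocol and for any protocol whose config entry is missing or falsy would help the two callers in this diff.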
diff --git a/src/applications/people/storage/PhabricatorUser.php b/src/applications/people/storage/PhabricatorUser.php
--- a/src/applications/people/storage/PhabricatorUser.php
+++ b/src/applications/people/storage/PhabricatorUser.php
@@ -441,14 +441,26 @@
}
}
- if ($editor) {
- return strtr($editor, array(
- '%%' => '%',
- '%f' => phutil_escape_uri($path),
- '%l' => phutil_escape_uri($line),
- '%r' => phutil_escape_uri($callsign),
- ));
+ if (!strlen($editor)) {
+ return null;
}
+
+ $uri = strtr($editor, array(
+ '%%' => '%',
+ '%f' => phutil_escape_uri($path),
+ '%l' => phutil_escape_uri($line),
+ '%r' => phutil_escape_uri($callsign),
+ ));
+
+ // The resulting URI must have an allowed protocol. Otherwise, we'll return
+ // a link to an error page explaining the misconfiguration.
+
+ $ok = PhabricatorHelpEditorProtocolController::hasAllowedProtocol($uri);
+ if (!$ok) {
+ return '/help/editorprotocol/';
+ }
+
+ return (string)$uri;
}
public function getAlternateCSRFString() {
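Review bot: `return (string)$uri;` casts a value that is already a string, since `$uri` is the result of `strtr()` a few lines above; the cast suggests a `PhutilURI` object that is never built, so `return $uri;` reads more honestly. The fallback `'/help/editorprotocol/'` is a second hard-coded copy of the route declared in `PhabricatorApplicationHelp::getRoutes()`, and a comment naming that route next to the literal would keep the two from drifting. Checking the protocol after substitution is the right order, and the comment could say so: `// Checked after substitution so the final link, not just the pattern, is validated.` The enclosing method begins outside this hunk.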
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelDisplayPreferences.php b/src/applications/settings/panel/PhabricatorSettingsPanelDisplayPreferences.php
--- a/src/applications/settings/panel/PhabricatorSettingsPanelDisplayPreferences.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelDisplayPreferences.php
@@ -26,6 +26,8 @@
$pref_monospaced_textareas =
PhabricatorUserPreferences::PREFERENCE_MONOSPACED_TEXTAREAS;
+ $errors = array();
+ $e_editor = null;
if ($request->isFormPost()) {
$monospaced = $request->getStr($pref_monospaced);
@@ -42,9 +44,35 @@
$pref_monospaced_textareas,
$request->getStr($pref_monospaced_textareas));
- $preferences->save();
- return id(new AphrontRedirectResponse())
- ->setURI($this->getPanelURI('?saved=true'));
+ $editor_pattern = $preferences->getPreference($pref_editor);
+ if (strlen($editor_pattern)) {
+ $ok = PhabricatorHelpEditorProtocolController::hasAllowedProtocol(
+ $editor_pattern);
+ if (!$ok) {
+ $allowed_key = 'uri.allowed-editor-protocols';
+ $allowed_protocols = PhabricatorEnv::getEnvConfig($allowed_key);
+
+ $proto_names = array();
+ foreach (array_keys($allowed_protocols) as $protocol) {
+ $proto_names[] = $protocol.'://';
+ }
+
+ $errors[] = pht(
+ 'Editor link has an invalid or missing protocol. You must '.
+ 'use a whitelisted editor protocol from this list: %s. To '.
+ 'add protocols, update %s.',
+ implode(', ', $proto_names),
+ phutil_tag('tt', array(), $allowed_key));
+
+ $e_editor = pht('Invalid');
+ }
+ }
+
+ if (!$errors) {
+ $preferences->save();
+ return id(new AphrontRedirectResponse())
+ ->setURI($this->getPanelURI('?saved=true'));
+ }
}
$example_string = <<<EXAMPLE
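Review bot: The error message lists every key of the config map (`array_keys($allowed_protocols)`), but `hasAllowedProtocol()` rejects an entry whose value is falsy via `empty()`, so a protocol configured as `"vim": false` would be shown to the user as allowed and then refused. Filtering first keeps the message and the check in agreement: `foreach (array_keys(array_filter($allowed_protocols)) as $protocol) {`. The option key `'uri.allowed-editor-protocols'` is also repeated here and in the controller; exposing the allowed list from a helper next to `hasAllowedProtocol()` would leave one place to change. The enclosing method starts and ends outside this hunk.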
@@ -95,8 +123,8 @@
id(new AphrontFormTextControl())
->setLabel(pht('Editor Link'))
->setName($pref_editor)
- // How to pht()
->setCaption($editor_instructions)
+ ->setError($e_editor)
->setValue($preferences->getPreference($pref_editor)))
->appendChild(
id(new AphrontFormSelectControl())
@@ -139,6 +167,7 @@
$form_box = id(new PHUIObjectBoxView())
->setHeaderText(pht('Display Preferences'))
+ ->setFormErrors($errors)
->setFormSaved($request->getStr('saved') === 'true')
->setForm($form);
diff --git a/src/applications/support/application/PhabricatorApplicationSupport.php b/src/applications/support/application/PhabricatorApplicationSupport.php
new file mode 100644
--- /dev/null
+++ b/src/applications/support/application/PhabricatorApplicationSupport.php
@@ -0,0 +1,21 @@
+<?php
+
+final class PhabricatorApplicationSupport extends PhabricatorApplication {
+
+ public function canUninstall() {
+ return false;
+ }
+
+ public function isUnlisted() {
+ return true;
+ }
+
+ public function getRoutes() {
+ return array(
+ '/help/' => array(
+ 'keyboardshortcut/' => 'PhabricatorHelpKeyboardShortcutController',
+ ),
+ );
+ }
+
+}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Fri, Mar 7, 2:11 PM (4 d, 19 h ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7332856
Default Alt Text
D8551.id20292.diff (12 KB)
Attached To
Mode
D8551: Whitelist allowed editor protocols
Attached