gecko-dev/cmd/winfe/ngdwtrst.cpp
1998-03-28 02:44:41 +00:00

286 lines
9.9 KiB
C++
Executable File

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "stdafx.h"
#include "ngdwtrst.h"
#include "helper.h"
#include "viewerse.h"
CSpawnList::CSpawnList() {
// Purpose: Create our spawn list, by reading in entries out of the INI file.
// Arguments: void
// Returns: none
// Comments: Must be called after correct resolution of the INI file is completed.
// Revision History:
// 04-10-95 created GAB
//
CString csProfile = AfxGetApp()->m_pszProfileName; // Profile file.
CString csEntry, csRelationship; // Entry, actual value.
DWORD dwRead;
DWORD dwBuffSize = 0; // Size of read buffer.
char *pBuffer = NULL;
do {
dwBuffSize += 16; // Increment the buffer, if we already had one, get rid of it.
if(pBuffer != NULL) {
delete[] pBuffer;
}
pBuffer = new char[dwBuffSize]; // keep off stack.
if(pBuffer == NULL) {
// Well, there's not enough memory to do anything.
// We're just skipping out with no registrations whatsoever.
pBuffer = new char[2];
*pBuffer = '\0';
break;
}
// Read in an entire section, to get all the possible app names.
dwRead = theApp.GetPrivateProfileString(
SZ_IN_GOD_WE_TRUST, NULL, "", pBuffer, dwBuffSize, csProfile);
// Continue the loop if the buffer was too small.
} while(dwRead == (dwBuffSize - 2));
// Loop through the entries.
// End of list is double NULL.
char *pTraverse = pBuffer;
CTrust *pTrust;
while(*pTraverse != '\0') {
csEntry = pTraverse;
// Look up to see if this entry is friend or foe.
csRelationship = theApp.GetProfileString(SZ_IN_GOD_WE_TRUST, csEntry, SZ_NO);
// Add it to the list (Default is no).
if(csRelationship.CompareNoCase(SZ_YES) == 0) {
pTrust = new CTrust(csEntry, CTrust::m_Friend);
}
else {
pTrust = new CTrust(csEntry, CTrust::m_Stranger);
}
m_cplOpinions.AddTail(pTrust);
// Increment beyond the length of the entry, +1 for the NULL.
pTraverse += csEntry.GetLength() + 1;
}
// Get rid of our buffer.
delete[] pBuffer;
}
CSpawnList::~CSpawnList() {
// Purpose: Write our spawn list to the INI file.
// Arguments: void
// Returns: none
// Comments: Must be called before the INI file name is lost.
// Revision History:
// 04-10-95 created GAB
//
// Go through our list, and write each value out to the INI file.
CTrust *pTrust;
while(m_cplOpinions.IsEmpty() == FALSE) {
pTrust = (CTrust *)m_cplOpinions.RemoveHead();
if(pTrust->GetRelationship() == CTrust::m_Stranger) {
theApp.WriteProfileString(SZ_IN_GOD_WE_TRUST, pTrust->GetExeName(), SZ_NO);
}
else {
theApp.WriteProfileString(SZ_IN_GOD_WE_TRUST, pTrust->GetExeName(), SZ_YES);
}
delete pTrust;
}
}
BOOL CSpawnList::CanSpawn(CString& csExeName, CWnd *pWnd) {
// Purpose: Determines if an EXE can be spawned off or not.
// Arguments: csExeName The application in question.
// pWnd The owner of the dialog box.
// Returns: BOOL TRUE Can spawn.
// FALSE Can't spawn.
// Comments: If the EXE isn't in the list, then we'll popup a generic dialog box asking
// the user what to do. If they ask for the entry to be persistant, then
// we'll add it to the list.
// All spawned executables, wether external viewers, or implicit embeds, must be
// validated by the user.
// Revision History:
// 04-10-95 created GAB
//
// Can't spawn anything without a name!
if(csExeName.IsEmpty()) {
return(FALSE);
}
// We immediately have to trust anything that is marked as good in the
// registry.
// First, check to see if the executable is by default trusted by the user (set up
// as an external viewer through preferences).
POSITION rIndex = CHelperApp::m_cplHelpers.GetHeadPosition();
CHelperApp *pApp;
while(rIndex != NULL) {
pApp = (CHelperApp *)CHelperApp::m_cplHelpers.GetNext(rIndex);
if(pApp->csCmd.CompareNoCase(csExeName) == 0) {
// We're going to be comparing a mime type below, make sure the app has one assigned.
if(pApp->cd_item != NULL && pApp->cd_item->ci.type != NULL) {
// Before we go off validating this one, make sure it's not a fake association from
// the registry or win.ini file.
if(strncmp(pApp->cd_item->ci.type, SZ_WINASSOC, strlen(SZ_WINASSOC)) == 0) {
// It's fake, we won't let this through.
// We continue, because there very well could be duplicate apps, some which
// may be valid.
continue;
}
// Make sure that the app is set up to handle as an external viewer.
// If not, then we'll continue along our merry way, there may be a duplicate
// setting allowing the app to function as an external viewer.
if(pApp->how_handle == HANDLE_EXTERNAL) {
// Trusted since the user has set this app up to be an external viewer.
return(TRUE);
}
}
}
}
// Loop through the entries that we have.
// Do a comparison without case.
// If it exists, then we check wether or not we will trust it.
rIndex = m_cplOpinions.GetHeadPosition();
CTrust *pTrust;
while(rIndex != NULL) {
pTrust = (CTrust *)m_cplOpinions.GetNext(rIndex);
if(pTrust->GetExeName().CompareNoCase(csExeName) == 0) {
if(pTrust->GetRelationship() == CTrust::m_Stranger) {
return(FALSE);
}
else {
return(TRUE);
}
}
}
// Finally, it doesn't exist in our list. We need to prompt the user, and possibly
// add the entry to our list if they want the setting to be persistant.
CViewerSecurity dlgSecurity(pWnd);
// Initialize the dialog to some defaults.
char *pBuf = new char[512]; // Keep it off the stack.
CString csBuf;
csBuf.LoadString(IDS_VIEWER_SEC_MESSAGE);
sprintf(pBuf, csBuf, (const char *)csExeName);
dlgSecurity.m_csMessage = pBuf;
csBuf.LoadString(IDS_VIEWER_SEC_DONTASK);
sprintf(pBuf, csBuf, (const char *)csExeName);
dlgSecurity.m_csDontAskText = pBuf;
delete[] pBuf;
// Have the user decide.
dlgSecurity.DoModal();
if(dlgSecurity.m_bCanceled == FALSE) {
// Check for persistance.
if(dlgSecurity.m_bAskNoMore == TRUE) {
m_cplOpinions.AddTail(new CTrust(csExeName, CTrust::m_Friend));
}
// They want to go ahead and become the recepticle of a virus.
return(TRUE);
}
else {
// Check for persistance.
if(dlgSecurity.m_bAskNoMore == TRUE) {
m_cplOpinions.AddTail(new CTrust(csExeName, CTrust::m_Stranger));
}
// They want no part of corrupting their machine, and are good little children of the
// internet.
return(FALSE);
}
}
// Returns TRUE if we should ask the user before downloading a file of this type or
// FALSE if the user has indicated we trust it
BOOL CSpawnList::PromptBeforeOpening(LPCSTR lpszApp)
{
BOOL bPrompt = TRUE;
POSITION rIndex;
// Loop through the entries that we have. Do a comparison without case.
// If it exists, then we check wether or not we will trust it.
rIndex = m_cplOpinions.GetHeadPosition();
while (rIndex != NULL) {
CTrust *pTrust = (CTrust *)m_cplOpinions.GetNext(rIndex);
if (pTrust->GetExeName().CompareNoCase(lpszApp) == 0) {
bPrompt = pTrust->GetRelationship() == CTrust::m_Stranger;
break;
}
}
return bPrompt;
}
void
CSpawnList::SetPromptBeforeOpening(LPCSTR lpszApp, BOOL bPrompt)
{
POSITION rIndex, rCurrent;
// Loop through the entries that we have. Do a comparison without case.
rIndex = m_cplOpinions.GetHeadPosition();
while (rIndex != NULL) {
rCurrent = rIndex;
CTrust *pTrust = (CTrust *)m_cplOpinions.GetNext(rIndex);
if (pTrust->GetExeName().CompareNoCase(lpszApp) == 0) {
if (bPrompt) {
// Remove this entry from the list
theApp.WriteProfileString(SZ_IN_GOD_WE_TRUST, pTrust->GetExeName(), NULL);
m_cplOpinions.RemoveAt(rCurrent);
delete pTrust;
} else {
// User no longer wants to be prompted before opening downloaded
// files of this type. Mark it as being trusted
pTrust->SetRelationship(CTrust::m_Friend);
}
return;
}
}
// We didn't find an existing entry in the list
if (!bPrompt) {
CString strApp(lpszApp);
// User no longer wants to be prompted before opening downloaded files
// of this type
m_cplOpinions.AddTail(new CTrust(strApp, CTrust::m_Friend));
}
}