Mirrors/overte
3
0
Fork 0
mirror of https://github.com/overte-org/overte.git synced 2025-04-22 16:13:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Disable whitelist on entity_server scripts.

Browse source
This commit is contained in:
Kasen IO 2020-01-05 23:32:28 -05:00
parent d872e9f07d
commit fb5dbfc52a
1 changed files with 15 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
libraries/script-engine/src/ScriptEngine.cpp
View file

@ -2377,15 +2377,21 @@ void ScriptEngine::entityScriptContentAvailable(const EntityItemID& entityID, co
// END PULL SAFEURLS FROM INTERFACE.JSON Settings
bool isInWhitelist = false; // assume unsafe
for (const auto& str : safeURLS) {
qCDebug(scriptengine) << whitelistPrefix << "Script URL: " << scriptOrURL << "TESTING AGAINST" << str << "RESULTS IN"
<< scriptOrURL.startsWith(str);
if (!str.isEmpty() && scriptOrURL.startsWith(str)) {
isInWhitelist = true;
qCDebug(scriptengine) << whitelistPrefix << "Script approved.";
break; // bail early since we found a match
}
}
if(ScriptEngine::getContext() == "entity_server") {
isInWhitelist = true;
} else {
for (const auto& str : safeURLS) {
qCDebug(scriptengine) << whitelistPrefix << "Script URL: " << scriptOrURL << "TESTING AGAINST" << str << "RESULTS IN"
<< scriptOrURL.startsWith(str);
if (!str.isEmpty() && scriptOrURL.startsWith(str)) {
isInWhitelist = true;
qCDebug(scriptengine) << whitelistPrefix << "Script approved.";
break; // bail early since we found a match
}
}
}
if (!isInWhitelist) {
qCDebug(scriptengine) << whitelistPrefix << "(disabled entity script)" << entityID.toString() << scriptOrURL;
exception = makeError("UNSAFE_ENTITY_SCRIPTS == 0");