From ac4afbec6c7b5ec7b3e75158b4de2e6a731ee20c Mon Sep 17 00:00:00 2001 From: Karl Burtram Date: Mon, 23 Jan 2023 12:01:53 -0800 Subject: [PATCH] Add allow list of valid notebook command uris (#163322) (#21701) * Add allow list of valid notebook command uris (#163322) This restricts notebooks to run three command uris. These 3 commands should all be safe to run, even with untrusted inputs * Fix incorrectly resolved merge conflict Co-authored-by: Matt Bierner --- .../view/renderers/backLayerWebView.ts | 58 +++++++++---------- 1 file changed, 27 insertions(+), 31 deletions(-) diff --git a/src/vs/workbench/contrib/notebook/browser/view/renderers/backLayerWebView.ts b/src/vs/workbench/contrib/notebook/browser/view/renderers/backLayerWebView.ts index e7eb6869b2..28cb3461b2 100644 --- a/src/vs/workbench/contrib/notebook/browser/view/renderers/backLayerWebView.ts +++ b/src/vs/workbench/contrib/notebook/browser/view/renderers/backLayerWebView.ts 
@@ -539,24 +539,8 @@ var requirejs = (function() { return; } - if (matchesScheme(link, Schemas.command)) { - const ret = /command\:workbench\.action\.openLargeOutput\?(.*)/.exec(link); - if (ret && ret.length === 2) { - const outputId = ret[1]; - this.openerService.open(CellUri.generateCellOutputUri(this.documentUri, outputId)); - return; - } - console.warn('Command links are deprecated and will be removed, use message passing instead: https://github.com/microsoft/vscode/issues/123601'); - } - - if (matchesScheme(link, Schemas.command)) { - if (this.workspaceTrustManagementService.isWorkspaceTrusted()) { - this.openerService.open(link, { fromUserGesture: true, allowContributedOpeners: true, allowCommands: true }); - } else { - console.warn('Command links are disabled in untrusted workspaces'); - } - } else if (matchesSomeScheme(link, Schemas.vscodeNotebookCell, Schemas.http, Schemas.https, Schemas.mailto)) { - this.openerService.open(link, { fromUserGesture: true, allowContributedOpeners: true, allowCommands: true }); + if (matchesSomeScheme(link, Schemas.vscodeNotebookCell, Schemas.http, Schemas.https, Schemas.mailto)) { + this.openerService.open(link, { fromUserGesture: true, allowContributedOpeners: true, allowCommands: false }); } })); 
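Review bot: A `command:` link that reaches this handler now matches neither branch and is dropped with no diagnostic at all, whereas the removed code logged either the untrusted-workspace warning or the deprecation notice pointing at issue 123601; a renderer author whose command link stops working gets no hint that message passing is the replacement. A guard ahead of the remaining `if`, `if (matchesScheme(link, Schemas.command)) { console.warn('Command links are not supported in notebook output, use message passing instead: https://github.com/microsoft/vscode/issues/123601'); return; }`, keeps the change fail-closed while preserving that pointer. The `allowCommands: false` on the surviving `open` call is redundant now that `Schemas.command` is no longer in the `matchesSomeScheme` list, which is fine as defence in depth but deserves a one-line comment such as `// command: is intentionally excluded above; keep allowCommands false in case the scheme list grows` so a later edit does not flip it back. The onDidClickLink handler this belongs to starts before the hunk.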
@@ -666,23 +650,35 @@ var requirejs = (function() { } case 'clicked-link': { let linkToOpen: URI | string | undefined; + if (matchesScheme(data.href, Schemas.command)) { - const ret = /command\:workbench\.action\.openLargeOutput\?(.*)/.exec(data.href); - if (ret && ret.length === 2) { - const outputId = ret[1]; - const group = this.editorGroupService.activeGroup; - - if (group) { - if (group.activeEditor) { - group.pinEditor(group.activeEditor); + // We allow a very limited set of commands + const uri = URI.parse(data.href); + switch (uri.path) { + case 'workbench.action.openLargeOutput': { + const outputId = uri.query; + const group = this.editorGroupService.activeGroup; + if (group) { + if (group.activeEditor) { + group.pinEditor(group.activeEditor); + } } - } - this.openerService.open(CellUri.generateCellOutputUri(this.documentUri, outputId)); - return; + this.openerService.open(CellUri.generateCellOutputUri(this.documentUri, outputId)); + return; + } + case 'github-issues.authNow': + case 'workbench.extensions.search': + case 'workbench.action.openSettings': { + this.openerService.open(data.href, { fromUserGesture: true, allowCommands: true }); + return; + } } + + return; } - if (matchesSomeScheme(data.href, Schemas.http, Schemas.https, Schemas.mailto, Schemas.command, Schemas.vscodeNotebookCell, Schemas.vscodeNotebook)) { + + if (matchesSomeScheme(data.href, Schemas.http, Schemas.https, Schemas.mailto, Schemas.vscodeNotebookCell, Schemas.vscodeNotebook)) { linkToOpen = data.href; } else if (!/^[\w\-]+:/.test(data.href)) { if (this.documentUri.scheme === Schemas.untitled) { @@ -711,7 +707,7 @@ var requirejs = (function() { } if (linkToOpen) { - this.openerService.open(linkToOpen, { fromUserGesture: true, allowCommands: true }); + this.openerService.open(linkToOpen, { fromUserGesture: true, allowCommands: false }); } break; }
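Review bot: The allow list checks `uri.path`, but the `github-issues.authNow` / `workbench.extensions.search` / `workbench.action.openSettings` cases then hand the raw `data.href` string to `openerService.open` with `allowCommands: true`, so the opener presumably re-parses a string the switch never validated as a whole, and whatever arguments sit in `uri.query` flow through unchecked; passing the parsed value instead, `this.openerService.open(uri, { fromUserGesture: true, allowCommands: true });`, removes that parse differential. The commit message's claim that these three commands are safe with untrusted arguments is an assumption every future case will inherit, so the `// We allow a very limited set of commands` comment should state it explicitly, e.g. `// Only add commands here whose arguments are harmless when chosen by untrusted output (the query is renderer-controlled)`, and the extension-owned id `github-issues.authNow` should say which consumer needs it. The switch also has no `default`, so an unlisted command id is now dropped silently where the removed code logged a warning; `default: console.warn('Blocked command link from notebook output: ' + uri.path);` before the trailing `return` keeps that diagnostic for renderer authors. The `case 'clicked-link'` block continues past the end of the hunk.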