From d349f634d0371b9af94f5395dc9de6fa3b5a3eb9 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Sat, 9 Dec 2017 14:45:54 +0100 Subject: [PATCH] ignore data uri after aesgcm uri --- .../siacs/conversations/entities/Message.java | 19 ++++++++++++------- .../http/HttpDownloadConnection.java | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/entities/Message.java b/src/main/java/eu/siacs/conversations/entities/Message.java index 9e8f2944b..1335d4bc2 100644 --- a/src/main/java/eu/siacs/conversations/entities/Message.java +++ b/src/main/java/eu/siacs/conversations/entities/Message.java @@ -724,17 +724,22 @@ public class Message extends AbstractEntity { public synchronized boolean treatAsDownloadable() { if (treatAsDownloadable == null) { - if (body.trim().contains(" ")) { - treatAsDownloadable = false; - } try { - final URL url = new URL(body); + final String[] lines = body.split("\n"); + for(String line : lines) { + if (line.contains("\\s+")) { + treatAsDownloadable = false; + return treatAsDownloadable; + } + } + final URL url = new URL(lines[0]); final String ref = url.getRef(); final String protocol = url.getProtocol(); final boolean encrypted = ref != null && AesGcmURLStreamHandler.IV_KEY.matcher(ref).matches(); - treatAsDownloadable = (AesGcmURLStreamHandler.PROTOCOL_NAME.equalsIgnoreCase(protocol) && encrypted) - || (("http".equalsIgnoreCase(protocol) || "https".equalsIgnoreCase(protocol)) && (oob || encrypted)); - + final boolean followedByDataUri = lines.length == 2 && lines[1].startsWith("data:"); + final boolean validAesGcm = AesGcmURLStreamHandler.PROTOCOL_NAME.equalsIgnoreCase(protocol) && encrypted && (lines.length == 1 || followedByDataUri); + final boolean validOob = ("http".equalsIgnoreCase(protocol) || "https".equalsIgnoreCase(protocol)) && (oob || encrypted) && lines.length == 1; + treatAsDownloadable = validAesGcm || validOob; } catch (MalformedURLException e) { treatAsDownloadable = false; } diff --git a/src/main/java/eu/siacs/conversations/http/HttpDownloadConnection.java b/src/main/java/eu/siacs/conversations/http/HttpDownloadConnection.java index 223df4cce..bd8921ce4 100644 --- a/src/main/java/eu/siacs/conversations/http/HttpDownloadConnection.java +++ b/src/main/java/eu/siacs/conversations/http/HttpDownloadConnection.java @@ -72,7 +72,7 @@ public class HttpDownloadConnection implements Transferable { if (message.hasFileOnRemoteHost()) { mUrl = CryptoHelper.toHttpsUrl(message.getFileParams().url); } else { - mUrl = CryptoHelper.toHttpsUrl(new URL(message.getBody())); + mUrl = CryptoHelper.toHttpsUrl(new URL(message.getBody().split("\n")[0])); } String[] parts = mUrl.getPath().toLowerCase().split("\\."); String lastPart = parts.length >= 1 ? parts[parts.length - 1] : null;