From 450e21d4571decdb26637e7dd9ef45f368f658c7 Mon Sep 17 00:00:00 2001
From: bubnikv <bubnikv@gmail.com>
Date: Tue, 4 Feb 2020 16:10:39 +0100
Subject: [PATCH] Replaced unsafe use of dx_url.substr(0, 54) with
 boost::starts_with

---
 src/slic3r/Utils/PresetUpdater.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/slic3r/Utils/PresetUpdater.cpp b/src/slic3r/Utils/PresetUpdater.cpp
index ecdc12b50..3172a0682 100644
--- a/src/slic3r/Utils/PresetUpdater.cpp
+++ b/src/slic3r/Utils/PresetUpdater.cpp
@@ -301,9 +301,9 @@ void PresetUpdater::priv::sync_config(const VendorMap vendors)
 		const std::string idx_path = (cache_path / (vendor.id + ".idx")).string();
 		const std::string idx_path_temp = idx_path + "-update";
 		//check if idx_url is leading to our site 
-		if(idx_url.substr(0, 54) != "http://files.prusa3d.com/wp-content/uploads/repository")
+		if (! boost::starts_with(idx_url, "http://files.prusa3d.com/wp-content/uploads/repository/"))
 		{
-			BOOST_LOG_TRIVIAL(warning) << "unsafe url path for vendor: " << vendor.name;
+			BOOST_LOG_TRIVIAL(warning) << "unsafe url path for vendor \"" << vendor.name << "\" rejected: " << idx_url;
 			continue;
 		}
 		if (!get_file(idx_url, idx_path_temp)) { continue; }