3DPrinting/PrusaSlicer-NonPlainar
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Replaced unsafe use of dx_url.substr(0, 54) with boost::starts_with

Browse source
This commit is contained in:
bubnikv 2020-02-04 16:10:39 +01:00
parent c2598cf8d6
commit 450e21d457
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/slic3r/Utils/PresetUpdater.cpp
View file

@ -301,9 +301,9 @@ void PresetUpdater::priv::sync_config(const VendorMap vendors)
const std::string idx_path = (cache_path / (vendor.id + ".idx")).string(); const std::string idx_path = (cache_path / (vendor.id + ".idx")).string();
const std::string idx_path_temp = idx_path + "-update"; const std::string idx_path_temp = idx_path + "-update";
//check if idx_url is leading to our site //check if idx_url is leading to our site
if(idx_url.substr(0, 54) != "http://files.prusa3d.com/wp-content/uploads/repository") if (! boost::starts_with(idx_url, "http://files.prusa3d.com/wp-content/uploads/repository/"))
{ {
BOOST_LOG_TRIVIAL(warning) << "unsafe url path for vendor: " << vendor.name; BOOST_LOG_TRIVIAL(warning) << "unsafe url path for vendor \"" << vendor.name << "\" rejected: " << idx_url;
continue; continue;
} }
if (!get_file(idx_url, idx_path_temp)) { continue; } if (!get_file(idx_url, idx_path_temp)) { continue; }