From 030b5719784fe8c4122b5eb31bc223cc8fb70c1b Mon Sep 17 00:00:00 2001 From: Thomas Leonard Date: Mon, 25 Aug 2008 09:05:42 +0100 Subject: [PATCH] Reject obvious attempts to drag archives to 0desktop People keep trying to drag .exe, .tar.bz2, etc archives to 0desktop. Reject URLs ending in these strings with a more helpful error message (rather than downloading them and complaining that it's not XML). --- zeroinstall/gtkui/addbox.py | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/zeroinstall/gtkui/addbox.py b/zeroinstall/gtkui/addbox.py index 0ebb54c..455407e 100644 --- a/zeroinstall/gtkui/addbox.py +++ b/zeroinstall/gtkui/addbox.py @@ -52,9 +52,10 @@ class AddBox: data = data.split('\n', 1)[0].strip() else: data = selection_data.data.split('\n', 1)[0].strip() - uri.set_text(data) - drag_context.finish(True, False, timestamp) - self.window.response(_RESPONSE_NEXT) + if self._sanity_check(data): + uri.set_text(data) + drag_context.finish(True, False, timestamp) + self.window.response(_RESPONSE_NEXT) return True self.window.drag_dest_set(gtk.DEST_DEFAULT_MOTION | gtk.DEST_DEFAULT_DROP | gtk.DEST_DEFAULT_HIGHLIGHT, [('text/uri-list', 0, _URI_LIST), @@ -103,6 +104,8 @@ class AddBox: def response(box, resp): if resp == _RESPONSE_NEXT: iface = uri.get_text() + if not self._sanity_check(iface): + return self.window.set_sensitive(False) self.set_keep_above(False) import popen2 @@ -156,3 +159,17 @@ class AddBox: # click-to-raise and in that mode drag-and-drop # is useless without this... self.window.set_keep_above(above) + + def _sanity_check(self, uri): + if uri.endswith('.tar.bz2') or \ + uri.endswith('.tar.gz') or \ + uri.endswith('.exe') or \ + uri.endswith('.rpm') or \ + uri.endswith('.deb') or \ + uri.endswith('.tgz'): + box = gtk.MessageDialog(self.window, gtk.DIALOG_MODAL, gtk.MESSAGE_ERROR, gtk.BUTTONS_OK, + "This URI (%s) looks like an archive, not a Zero Install feed. Make sure you're using the feed link!" % uri) + box.run() + box.destroy() + return False + return True -- 2.11.4.GIT