diff --git a/wsd/ClientSession.cpp b/wsd/ClientSession.cpp index 0d8610971..d9b49bf24 100644 --- a/wsd/ClientSession.cpp +++ b/wsd/ClientSession.cpp @@ -213,9 +213,7 @@ bool ClientSession::_handleInput(const char *buffer, int length) } else { - // Allow 'downloadas' for all kinds of views - if ( (isReadOnly()) && tokens[0] != "downloadas" && - tokens[0] != "userinactive" && tokens[0] != "useractive") + if (!filterMessage(firstLine)) { const std::string dummyFrame = "dummymsg"; return forwardToChild(dummyFrame, docBroker); @@ -390,6 +388,22 @@ bool ClientSession::forwardToChild(const std::string& message, return docBroker->forwardToChild(getId(), message); } +bool ClientSession::filterMessage(const std::string& message) const +{ + bool allowed = true; + StringTokenizer tokens(message, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM); + if (isReadOnly()) + { + allowed = false; + if (tokens[0] == "downloadas" || tokens[0] == "userinactive" || tokens[0] == "useractive") + { + allowed = true; + } + } + + return allowed; +} + void ClientSession::setReadOnly() { _isReadOnly = true; diff --git a/wsd/ClientSession.hpp b/wsd/ClientSession.hpp index bf484f43c..370359361 100644 --- a/wsd/ClientSession.hpp +++ b/wsd/ClientSession.hpp @@ -87,6 +87,10 @@ private: bool forwardToChild(const std::string& message, const std::shared_ptr& docBroker); + /// Returns true if given message from the client should be allowed or not + /// Eg. in readonly mode only few messages should be allowed + bool filterMessage(const std::string& msg) const; + private: std::weak_ptr _docBroker;