/*****************************************************************************
* Preamble
*****************************************************************************/
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
#include <vlc/vlc.h>
#include "variables.h"
#include "libvlc.h"
+#include "vlc_interface.h"
+
/*****************************************************************************
* Private types
*****************************************************************************/
int i_name_len, i_type;
vlc_bool_t b_isno = VLC_FALSE;
vlc_value_t val;
+ val.psz_string = NULL;
if( psz_value ) i_name_len = psz_value - psz_option;
else i_name_len = strlen( psz_option );
if( ( i_type != VLC_VAR_BOOL ) &&
( !psz_value || !*psz_value ) ) goto cleanup; /* Invalid value */
+ /* check if option is unsafe */
+ {
+ module_config_t *p_config = config_FindConfig( p_obj, psz_name );
+ if( !p_config->b_safe )
+ {
+ int policy = config_GetInt( p_obj, "security-policy" );
+ switch( policy )
+ {
+ case 0: /* block */
+ msg_Err( p_obj, "option %s is unsafe and is blocked by security policy", psz_name );
+ return;
+ case 1: /* allow */
+ break;
+ case 2: /* prompt */
+ {
+ char description[256];
+ snprintf(description, sizeof(description), _("playlist item is making use of the following unsafe option '%s', which may be harmful if used in a malicious way, authorize it ?"), psz_name);
+ if( DIALOG_OK_YES != intf_UserYesNo( p_obj, _("WARNING: Unsafe Playlist"), description, _("Yes"), _("No"), NULL) )
+ {
+ msg_Err( p_obj, "option %s is unsafe and is blocked by security policy", psz_name );
+ return;
+ }
+ }
+ default:
+ ;
+ }
+ }
+ }
+
/* Create the variable in the input object.
* Children of the input object will be able to retreive this value
* thanks to the inheritance property of the object variables. */
case VLC_VAR_MODULE:
case VLC_VAR_FILE:
case VLC_VAR_DIRECTORY:
- if( val.psz_string ) free( val.psz_string );
val.psz_string = psz_value;
break;