/** Returns null if XWT should always use direct connection; otherwise returns a ProxyInfo object with proxy settings */
protected synchronized HTTP.ProxyInfo _detectProxy() { return null; }
- /** displays a platform-specific "open file" dialog and returns the chosen filename */
+ /** displays a platform-specific "open file" dialog and returns the chosen filename, or null if the user hit cancel */
protected String _fileDialog(String suggestedFileName, boolean write) { return null; }
/** returns true iff the platform has a case-sensitive filesystem */
/** returns true iff the platform has a case-sensitive filesystem */
public static boolean isCaseSensitive() { return platform._isCaseSensitive(); }
- /** displays a platform-specific "open file" dialog and returns the chosen filename */
+ /** displays a platform-specific "open file" dialog and returns the chosen filename, or null if the user hit cancel */
public static String fileDialog(String suggestedFileName, boolean write) {
- // put ourselves in the background
- Thread thread = Thread.currentThread();
- if (!(thread instanceof ThreadMessage)) {
- if (Log.on) Log.log(Platform.class, "xwt.openFile may only be called from background threads");
- return null;
- }
- ThreadMessage mythread = (ThreadMessage)thread;
- mythread.setPriority(Thread.MIN_PRIORITY);
- mythread.done.release();
-
+ if (!ThreadMessage.suspendThread()) return null;
try {
return platform._fileDialog(suggestedFileName, write);
} finally {
- // okay, let ourselves be brought to the foreground
- MessageQueue.add(mythread);
- mythread.setPriority(Thread.NORM_PRIORITY);
- mythread.go.block();
+ ThreadMessage.resumeThread();
}
}
if (Log.on) Log.log(Platform.class, "xwt.newBrowserWindow() only supports http and https urls");
return;
}
+
+ // check the URL for well-formedness, as a defense against buffer overflow attacks
+ try {
+ String u = url;
+ if (u.startsWith("https")) u = "http" + u.substring(5);
+ new URL(u);
+ } catch (MalformedURLException e) {
+ if (Log.on) Log.log(Platform.class, "URL " + url + " is not well-formed");
+ if (Log.on) Log.log(Platform.class, e);
+ }
+
if (Log.on) Log.log(Platform.class, "newBrowserWindow, url = " + url);
platform._newBrowserWindow(url);
}