From a4b6bf8c41b54554286117b97e78412a32b5147f Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Mon, 2 Mar 2015 19:09:36 +0100
Subject: player: refine rar:// playlist-safety handling

It was possible to make the player play local files by putting rar://
links into remote playlists, and some other potentially unsafe things.

Redo the handling of it. Now the rar-redirector (the thing in
demux_playlist.c) sets disable_safety, which makes the player open any
playlist entries returned. This is fine, because it redirects to the
same file anyway (just with different selection/interpretation of the
contents). On the other hand, rar:// itself is now considered fully
unsafe, which means that it is ignored if found in normal playlists.
---
 demux/demux_playlist.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'demux')

diff --git a/demux/demux_playlist.c b/demux/demux_playlist.c
index c0e868d209..13f1fe6ac3 100644
--- a/demux/demux_playlist.c
+++ b/demux/demux_playlist.c
@@ -201,6 +201,7 @@ static int parse_rar(struct pl_parser *p)
     if (RarParse(p->s, &count, &files))
         return -1;
 
+    p->pl->disable_safety = true; // make it load rar://
     char *prefix = mp_url_escape(p, p->real_stream->url, "~|");
     for (int n = 0; n < count; n++) {
         // stream_rar.c does the real work
-- 
cgit v1.2.3