Don't send local paths to the sidebar

The formatter function given to the bridge plugin is now guest.formatAnnotation() for better testability. If annotation.document.link exists, it is filtered, no hrefs starting with file:// protocol can get through to the sidebar. With this we do not store any local path. Fix #1661
hypothesis · Nov 21, 2014 · cf01ed8 · cf01ed8
1 parent d1701da
commit cf01ed8
Showing 1 changed file with 22 additions and 10 deletions.
diff --git a/h/static/scripts/guest.coffee b/h/static/scripts/guest.coffee
@@ -47,16 +47,7 @@ class Annotator.Guest extends Annotator
     delete @options.app
 
     this.addPlugin 'Bridge',
-      formatter: (annotation) =>
-        formatted = {}
-        formatted['uri'] = @getHref()
-        for k, v of annotation when k isnt 'anchors'
-          formatted[k] = v
-        # Work around issue in jschannel where a repeated object is considered
-        # recursive, even if it is not its own ancestor.
-        if formatted.document?.title
-          formatted.document.title = formatted.document.title.slice()
-        formatted
+      formatter: @formatAnnotation
       onConnect: (source, origin, scope) =>
         @panel = this._setupXDM
           window: source
@@ -119,6 +110,27 @@ class Annotator.Guest extends Annotator
       # Announce the new positions, so that the sidebar knows
       this.plugins.Bridge.sync([highlight.annotation])
 
+  # Used by the bridge plugin to transfer annotation data
+  formatAnnotation: (annotation) =>
+    formatted = {}
+    formatted['uri'] = @getHref()
+    for k, v of annotation when k isnt 'anchors'
+      formatted[k] = v
+    # Work around issue in jschannel where a repeated object is considered
+    # recursive, even if it is not its own ancestor.
+    if formatted.document?.title
+      formatted.document.title = formatted.document.title.slice()
+
+    # We remove local file paths that means
+    # removing hrefs starting with file://
+    # The filename is already stored in document.title
+    if formatted.document?.link?
+      formatted.document.link = formatted.document.link.filter (element) ->
+        # String.prototype.startsWith is only supported by FF and Chrome
+        element.href.toLowerCase().indexOf('file://') != 0
+
+    formatted
+
   # Utility function to get the decoded form of the document URI
   getHref: =>
     @plugins.PDF?.uri() ? @plugins.Document.uri() ? super