启动不受信任的URL的最安全方法是什么?
[英]What's the safest way to launch an untrusted URL?
问题描述
It seems that the generally accepted approach to launch a URL is to call Process.Start, eg 
似乎普遍接受的启动URL的方法是调用Process.Start,例如
var url = new Uri(uriString);
Process.Start(url.AbsoluteUri);
eg this was suggested here . 例如在这里建议。
The problem with that is that if the URL is untrusted, bad things can happen. 这样做的问题是,如果URL不可信,则可能会发生不良情况。 eg if the string is @"c:\\windows\\system32\\notepad.exe", the code above will launch notepad with no questions asked. 例如,如果字符串为@“ c:\\ windows \\ system32 \\ notepad.exe”,则上面的代码将启动记事本,而不会出现任何问题。
OTOH, if you try to launch a local executable like this in the browser, you get plenty of security checks before it happens. OTOH,如果您尝试在浏览器中启动像这样的本地可执行文件,则在它发生之前您将获得大量的安全检查。
So the question is: how can this be done safely programmatically in a clean way (in C#)? 所以问题是:如何以一种干净的方式(在C#中)安全地以编程方式完成此任务?
Not-so-clean techniques we have considered: 我们考虑过的不太干净的技术:
- look at the Uri protocol, and block anything that's not http/https. 查看Uri协议,并阻止非http / https的任何内容。 This is hacky. 这是hacky。
- find the registered browser via some reg key, and launch it with the Uri on the cmd line. 通过一些reg键找到已注册的浏览器,然后在cmd行中使用Uri启动它。 This type of code tends to be messy and unreliable with some browsers. 在某些浏览器中,这种类型的代码往往很杂乱且不可靠。
So I'm hoping for a technique that would be like a LaunchUrlThroughBrowser(url). 所以我希望有一种类似于LaunchUrlThroughBrowser(url)的技术。
1 个解决方案
解决方案1
1 已采纳 2010-10-04 19:14:36
It appears that there is no great way to do this, short of manual filtering the URL, as explained in Safe Process.Start implementation for untrusted URL strings . 似乎没有很好的方法来做到这一点,除非手动过滤URL,如Safe Process.Start对不可信URL字符串的实现中所述 。 So that might just be the way to go. 因此,这可能只是要走的路。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.