[英]What's the safest way to launch an untrusted URL?
It seems that the generally accepted approach to launch a URL is to call Process.Start, eg 似乎普遍接受的启动URL的方法是调用Process.Start,例如
var url = new Uri(uriString);
Process.Start(url.AbsoluteUri);
eg this was suggested here . 例如在这里建议。
The problem with that is that if the URL is untrusted, bad things can happen. 这样做的问题是,如果URL不可信,则可能会发生不良情况。 eg if the string is @"c:\\windows\\system32\\notepad.exe", the code above will launch notepad with no questions asked.
例如,如果字符串为@“ c:\\ windows \\ system32 \\ notepad.exe”,则上面的代码将启动记事本,而不会出现任何问题。
OTOH, if you try to launch a local executable like this in the browser, you get plenty of security checks before it happens. OTOH,如果您尝试在浏览器中启动像这样的本地可执行文件,则在它发生之前您将获得大量的安全检查。
So the question is: how can this be done safely programmatically in a clean way (in C#)? 所以问题是:如何以一种干净的方式(在C#中)安全地以编程方式完成此任务?
Not-so-clean techniques we have considered: 我们考虑过的不太干净的技术:
So I'm hoping for a technique that would be like a LaunchUrlThroughBrowser(url). 所以我希望有一种类似于LaunchUrlThroughBrowser(url)的技术。
It appears that there is no great way to do this, short of manual filtering the URL, as explained in Safe Process.Start implementation for untrusted URL strings . 似乎没有很好的方法来做到这一点,除非手动过滤URL,如Safe Process.Start对不可信URL字符串的实现中所述 。 So that might just be the way to go.
因此,这可能只是要走的路。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.