浏览代码

Merge pull request #687 from jubalh/openurlwarning

Add warning to OpenURL()
Ray 7 年之前
父节点
当前提交
d2f4cc1142
共有 1 个文件被更改,包括 6 次插入0 次删除
  1. 6 0
      src/core.c

+ 6 - 0
src/core.c

@@ -1820,6 +1820,12 @@ int StorageLoadValue(int position)
 }
 
 // Open URL with default system browser (if available)
+// Note:
+// This function is onlyl safe to use if you control the URL given.
+// A user could craft a malicious string performing another action.
+// Only call this function yourself not with user input or make sure to check the
+// string yourself.
+// See https://github.com/raysan5/raylib/issues/686
 void OpenURL(const char *url)
 {
     char *cmd = calloc(strlen(url) + 10, sizeof(char));