[webkit-changes] [222257] trunk

Tue, 19 Sep 2017 23:40:49 -0700

Title: [222257] trunk
Revision
222257
Author
[email protected]
Date
2017-09-19 23:40:29 -0700 (Tue, 19 Sep 2017)

Log Message

On Mac, dataTransfer claims to contain URL list when dropping files
https://bugs.webkit.org/show_bug.cgi?id=177219

Reviewed by Wenson Hsieh.

Source/WebCore:

Fixed the bug by removing code which was specifically adding local filenames as URLs in "text/uri-list"
when pasting or dropping files. Neither Chrome nor Firefox exhibit this behavior, and exposing local
filenames reveal sensitive information such as username.

Test: editing/pasteboard/datatransfer-types-dropping-text-file.html

* platform/mac/PasteboardMac.mm:
(WebCore::Pasteboard::readString):
(WebCore::addHTMLClipboardTypesForCocoaType):
(WebCore::absoluteURLsFromPasteboard): Deleted.

LayoutTests:

Added a regression test. For now, it only runs on Mac WK1.

* editing/pasteboard/datatransfer-types-dropping-text-file-expected.txt: Added.
* editing/pasteboard/datatransfer-types-dropping-text-file.html: Added.
* platform/ios/TestExpectations:
* platform/wk2/TestExpectations:

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (222256 => 222257)


--- trunk/LayoutTests/ChangeLog	2017-09-20 06:32:35 UTC (rev 222256)
+++ trunk/LayoutTests/ChangeLog	2017-09-20 06:40:29 UTC (rev 222257)
@@ -1,3 +1,17 @@
+2017-09-19  Ryosuke Niwa  <[email protected]>
+
+        On Mac, dataTransfer claims to contain URL list when dropping files
+        https://bugs.webkit.org/show_bug.cgi?id=177219
+
+        Reviewed by Wenson Hsieh.
+
+        Added a regression test. For now, it only runs on Mac WK1.
+
+        * editing/pasteboard/datatransfer-types-dropping-text-file-expected.txt: Added.
+        * editing/pasteboard/datatransfer-types-dropping-text-file.html: Added.
+        * platform/ios/TestExpectations:
+        * platform/wk2/TestExpectations:
+
 2017-09-19  Simon Fraser  <[email protected]>
 
         Simplify compositing layer updating

Added: trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file-expected.txt (0 => 222257)


--- trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file-expected.txt	2017-09-20 06:40:29 UTC (rev 222257)
@@ -0,0 +1,9 @@
+When dropping a file, dataTransfer.types must contain "Files" and not "text/uri-list". This test requires eventSender.beginDragWithFiles.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS dataTransfer.types.includes("Files") is true
+PASS dataTransfer.types.includes("text/uri-list") is false
+PASS dataTransfer.getData("url") is ""
+

Added: trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file.html (0 => 222257)


--- trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file.html	                        (rev 0)
+++ trunk/LayoutTests/editing/pasteboard/datatransfer-types-dropping-text-file.html	2017-09-20 06:40:29 UTC (rev 222257)
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+<body>
+<div id="target" contentEditable="true" _ondrop_="check(event)"></div>
+<script src=""
+<script>
+description('When dropping a file, dataTransfer.types must contain "Files" and not "text/uri-list". This test requires eventSender.beginDragWithFiles.');
+
+function runTest() {
+    const target = document.getElementById('target');
+    eventSender.beginDragWithFiles(['../resources/abe.png']);
+    eventSender.mouseMoveTo(target.offsetLeft + 5, target.offsetTop + 5);
+    eventSender.mouseUp();
+}
+
+function check(event) {
+    dataTransfer = event.dataTransfer;
+    shouldBeTrue('dataTransfer.types.includes("Files")');
+    shouldBeFalse('dataTransfer.types.includes("text/uri-list")');
+    shouldBeEqualToString('dataTransfer.getData("url")', '');
+}
+
+if (window.eventSender)
+    runTest();
+else
+    testFailed('This test requires eventSender.beginDragWithFiles');
+
+var successfullyParsed = true;
+</script>
+<script src=""
+</body>
+</html>

Modified: trunk/LayoutTests/platform/ios/TestExpectations (222256 => 222257)


--- trunk/LayoutTests/platform/ios/TestExpectations	2017-09-20 06:32:35 UTC (rev 222256)
+++ trunk/LayoutTests/platform/ios/TestExpectations	2017-09-20 06:40:29 UTC (rev 222257)
@@ -388,6 +388,7 @@
 editing/pasteboard/data-transfer-items-drag-drop-file.html [ Skip ]
 editing/pasteboard/data-transfer-items-drag-drop-string.html [ Skip ]
 editing/pasteboard/data-transfer-items-image-png.html [ Skip ]
+editing/pasteboard/datatransfer-types-dropping-text-file.html [ Skip ]
 editing/pasteboard/drag-drop-copy-content.html [ Skip ]
 editing/pasteboard/drag-drop-input-textarea.html [ Skip ]
 editing/pasteboard/drag-drop-list.html [ Skip ]

Modified: trunk/LayoutTests/platform/wk2/TestExpectations (222256 => 222257)


--- trunk/LayoutTests/platform/wk2/TestExpectations	2017-09-20 06:32:35 UTC (rev 222256)
+++ trunk/LayoutTests/platform/wk2/TestExpectations	2017-09-20 06:40:29 UTC (rev 222257)
@@ -565,6 +565,7 @@
 # WebKitTestRunner needs an implementation of eventSender.beginDragWithFiles
 # https://bugs.webkit.org/show_bug.cgi?id=64285
 editing/pasteboard/datatransfer-items-drop-plaintext-file.html
+editing/pasteboard/datatransfer-types-dropping-text-file.html
 editing/pasteboard/entries-api
 editing/pasteboard/file-drag-to-editable.html [ Skip ]
 editing/pasteboard/file-input-files-access.html

Modified: trunk/Source/WebCore/ChangeLog (222256 => 222257)


--- trunk/Source/WebCore/ChangeLog	2017-09-20 06:32:35 UTC (rev 222256)
+++ trunk/Source/WebCore/ChangeLog	2017-09-20 06:40:29 UTC (rev 222257)
@@ -1,3 +1,21 @@
+2017-09-19  Ryosuke Niwa  <[email protected]>
+
+        On Mac, dataTransfer claims to contain URL list when dropping files
+        https://bugs.webkit.org/show_bug.cgi?id=177219
+
+        Reviewed by Wenson Hsieh.
+
+        Fixed the bug by removing code which was specifically adding local filenames as URLs in "text/uri-list"
+        when pasting or dropping files. Neither Chrome nor Firefox exhibit this behavior, and exposing local
+        filenames reveal sensitive information such as username.
+
+        Test: editing/pasteboard/datatransfer-types-dropping-text-file.html
+
+        * platform/mac/PasteboardMac.mm:
+        (WebCore::Pasteboard::readString):
+        (WebCore::addHTMLClipboardTypesForCocoaType):
+        (WebCore::absoluteURLsFromPasteboard): Deleted.
+
 2017-09-19  Simon Fraser  <[email protected]>
 
         Simplify compositing layer updating

Modified: trunk/Source/WebCore/platform/mac/PasteboardMac.mm (222256 => 222257)


--- trunk/Source/WebCore/platform/mac/PasteboardMac.mm	2017-09-20 06:32:35 UTC (rev 222256)
+++ trunk/Source/WebCore/platform/mac/PasteboardMac.mm	2017-09-20 06:40:29 UTC (rev 222257)
@@ -507,44 +507,12 @@
     return urls;
 }
 
-static Vector<String> absoluteURLsFromPasteboard(const String& pasteboardName, bool _onlyFirstURL_ = false)
-{
-    // NOTE: We must always check [availableTypes containsObject:] before accessing pasteboard data
-    // or CoreFoundation will printf when there is not data of the corresponding type.
-    Vector<String> availableTypes;
-    Vector<String> absoluteURLs;
-    platformStrategies()->pasteboardStrategy()->getTypes(availableTypes, pasteboardName);
-
-    // Try NSFilenamesPboardType because it contains a list
-    if (availableTypes.contains(String(NSFilenamesPboardType))) {
-        absoluteURLs = absoluteURLsFromPasteboardFilenames(pasteboardName, onlyFirstURL);
-        if (!absoluteURLs.isEmpty())
-            return absoluteURLs;
-    }
-
-    // Fallback to NSURLPboardType (which is a single URL)
-    if (availableTypes.contains(String(NSURLPboardType))) {
-        absoluteURLs.append(platformStrategies()->pasteboardStrategy()->stringForType(String(NSURLPboardType), pasteboardName));
-        return absoluteURLs;
-    }
-
-    // No file paths on the pasteboard, return nil
-    return Vector<String>();
-}
-
 String Pasteboard::readString(const String& type)
 {
     const String& cocoaType = cocoaTypeFromHTMLClipboardType(type);
     String cocoaValue;
 
-    // Grab the value off the pasteboard corresponding to the cocoaType
-    if (cocoaType == String(NSURLPboardType)) {
-        // "url" and "text/url-list" both map to NSURLPboardType in cocoaTypeFromHTMLClipboardType(), "url" only wants the first URL
-        bool _onlyFirstURL_ = equalLettersIgnoringASCIICase(type, "url");
-        Vector<String> absoluteURLs = absoluteURLsFromPasteboard(m_pasteboardName, onlyFirstURL);
-        for (size_t i = 0; i < absoluteURLs.size(); i++)
-            cocoaValue = i ? "\n" + absoluteURLs[i]: absoluteURLs[i];
-    } else if (cocoaType == String(NSStringPboardType))
+    if (cocoaType == String(NSStringPboardType))
         cocoaValue = [platformStrategies()->pasteboardStrategy()->stringForType(cocoaType, m_pasteboardName) precomposedStringWithCanonicalMapping];
     else if (!cocoaType.isEmpty())
         cocoaValue = platformStrategies()->pasteboardStrategy()->stringForType(cocoaType, m_pasteboardName);
@@ -583,12 +551,8 @@
         // However, this is not really an issue for us doing a sanity check here.
         Vector<String> fileList;
         platformStrategies()->pasteboardStrategy()->getPathnamesForType(fileList, String(NSFilenamesPboardType), pasteboardName);
-        if (!fileList.isEmpty()) {
-            // It is unknown if NSFilenamesPboardType always implies NSURLPboardType in Cocoa,
-            // but NSFilenamesPboardType should imply both 'text/uri-list' and 'Files'
-            resultTypes.add(ASCIILiteral("text/uri-list"));
+        if (!fileList.isEmpty())
             resultTypes.add(ASCIILiteral("Files"));
-        }
         return;
     }
     String utiType = utiTypeFromCocoaType(cocoaType);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to