Title: [115513] trunk
- Revision
- 115513
- Author
- [email protected]
- Date
- 2012-04-27 16:27:01 -0700 (Fri, 27 Apr 2012)
Log Message
Disable RTF in _javascript_ drag-and-drop
https://bugs.webkit.org/show_bug.cgi?id=76597
Reviewed by Maciej Stachowiak.
Source/WebCore:
Test: fast/events/drag-and-drop-subframe-dataTransfer.html
* platform/mac/ClipboardMac.mm:
(WebCore::cocoaTypeFromHTMLClipboardType):
LayoutTests:
* fast/events/drag-and-drop-subframe-dataTransfer-expected.txt: Added.
* fast/events/drag-and-drop-subframe-dataTransfer.html: Added.
* fast/events/resources/file-for-drag-and-drop-subframe-dataTransfer.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (115512 => 115513)
--- trunk/LayoutTests/ChangeLog 2012-04-27 23:26:53 UTC (rev 115512)
+++ trunk/LayoutTests/ChangeLog 2012-04-27 23:27:01 UTC (rev 115513)
@@ -1,3 +1,14 @@
+2012-04-24 Jeffrey Pfau <[email protected]>
+
+ Disable RTF in _javascript_ drag-and-drop
+ https://bugs.webkit.org/show_bug.cgi?id=76597
+
+ Reviewed by Maciej Stachowiak.
+
+ * fast/events/drag-and-drop-subframe-dataTransfer-expected.txt: Added.
+ * fast/events/drag-and-drop-subframe-dataTransfer.html: Added.
+ * fast/events/resources/file-for-drag-and-drop-subframe-dataTransfer.html: Added.
+
2012-04-27 Sudarsana Nagineni <[email protected]>
[EFL] [DRT] Unskip passing tests related to editing commands
Added: trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer-expected.txt (0 => 115513)
--- trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer-expected.txt 2012-04-27 23:27:01 UTC (rev 115513)
@@ -0,0 +1 @@
+PASS
Added: trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer.html (0 => 115513)
--- trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer.html (rev 0)
+++ trunk/LayoutTests/fast/events/drag-and-drop-subframe-dataTransfer.html 2012-04-27 23:27:01 UTC (rev 115513)
@@ -0,0 +1,53 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+function onDrop(evt) {
+ document.body.innerHTML = 'PASS';
+ if (!evt.dataTransfer.types) return;
+ for (var i = 0, type; type = evt.dataTransfer.types[i]; i++) {
+ clip = evt.dataTransfer.getData(type);
+ if (typeof clip == 'string' && clip.indexOf('FAIL') != -1)
+ document.body.innerHTML = 'FAIL';
+ }
+ evt.preventDefault();
+ window.layoutTestController.notifyDone();
+}
+
+function runTest() {
+ window.layoutTestController.dumpAsText();
+ window.layoutTestController.waitUntilDone();
+ var d = document.getElementById('drag');
+ var o = document.getElementById('drop');
+ eventSender.mouseMoveTo(d.offsetLeft + d.offsetWidth / 2, d.offsetTop + d.offsetHeight / 2);
+ eventSender.mouseDown();
+ eventSender.leapForward(100);
+ eventSender.mouseMoveTo(o.offsetLeft + o.offsetWidth / 2, o.offsetTop + o.offsetHeight / 2);
+ eventSender.mouseUp();
+}
+
+window._onload_ = function() {
+ var d = document.getElementById('drag');
+ var r = document.createRange();
+ r.selectNode(d);
+ getSelection().removeAllRanges();
+ getSelection().addRange(r);
+ document.getElementById('drop').addEventListener('drop', onDrop, true);
+ window.addEventListener('dragover', function(x) { x.preventDefault() }, true);
+ window.addEventListener('dragstart', function(x) { window.focus() }, true);
+
+ if (window.layoutTestController)
+ runTest();
+}
+</script>
+</head>
+<body>
+Dragging this iframe onto a drop target should not expose its contents.
+<div id="drag" style="-webkit-user-drag: element ">
+→
+<iframe src=""
+←
+</div>
+<input id="drop">
+</body>
+</html>
Added: trunk/LayoutTests/fast/events/resources/file-for-drag-and-drop-subframe-dataTransfer.html (0 => 115513)
--- trunk/LayoutTests/fast/events/resources/file-for-drag-and-drop-subframe-dataTransfer.html (rev 0)
+++ trunk/LayoutTests/fast/events/resources/file-for-drag-and-drop-subframe-dataTransfer.html 2012-04-27 23:27:01 UTC (rev 115513)
@@ -0,0 +1 @@
+FAIL - This information should not be accessible from dataTransfer.getData()
Modified: trunk/Source/WebCore/ChangeLog (115512 => 115513)
--- trunk/Source/WebCore/ChangeLog 2012-04-27 23:26:53 UTC (rev 115512)
+++ trunk/Source/WebCore/ChangeLog 2012-04-27 23:27:01 UTC (rev 115513)
@@ -1,3 +1,15 @@
+2012-04-24 Jeffrey Pfau <[email protected]>
+
+ Disable RTF in _javascript_ drag-and-drop
+ https://bugs.webkit.org/show_bug.cgi?id=76597
+
+ Reviewed by Maciej Stachowiak.
+
+ Test: fast/events/drag-and-drop-subframe-dataTransfer.html
+
+ * platform/mac/ClipboardMac.mm:
+ (WebCore::cocoaTypeFromHTMLClipboardType):
+
2012-04-26 James Robinson <[email protected]>
[chromium] Separate IOSurface layer type from texture layers
Modified: trunk/Source/WebCore/platform/mac/ClipboardMac.mm (115512 => 115513)
--- trunk/Source/WebCore/platform/mac/ClipboardMac.mm 2012-04-27 23:26:53 UTC (rev 115512)
+++ trunk/Source/WebCore/platform/mac/ClipboardMac.mm 2012-04-27 23:27:01 UTC (rev 115513)
@@ -88,6 +88,10 @@
// special case because UTI doesn't work with Cocoa's URL type
return String(NSURLPboardType); // note special case in getData to read NSFilenamesType
+ // Blacklist types that might contain subframe information
+ if (qType == "text/rtf" || qType == "public.rtf" || qType == "com.apple.traditional-mac-plain-text")
+ return String();
+
// Try UTI now
String mimeType = qType;
RetainPtr<CFStringRef> utiType(AdoptCF, UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, mimeType.createCFString(), NULL));
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
