Diff
Modified: trunk/Source/WebKit/chromium/ChangeLog (145045 => 145046)
--- trunk/Source/WebKit/chromium/ChangeLog 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/ChangeLog 2013-03-07 08:12:31 UTC (rev 145046)
@@ -1,3 +1,52 @@
+2013-03-07 Jochen Eisinger <[email protected]>
+
+ [chromium] expose UserGestureToken via WebKit API so PPAPI plugins can correctly consume it
+ https://bugs.webkit.org/show_bug.cgi?id=104268
+
+ Reviewed by Darin Fisher.
+
+ Currently, the PPAPI creates a WebScopedUserGesture up to 10 seconds
+ after a call with an currently active user gesture was made. It should
+ use the newly added WebUserGestureToken to make sure this user gesture
+ is not consumed multiple times.
+
+ We can't require a WebUserGestureToken for a WebScopedUserGesture, since
+ e.g. the extension API needs to be able to create a WebScopedUserGesture
+ out of the blue.
+
+ * WebKit.gyp:
+ * WebKit.gypi:
+ * public/WebScopedUserGesture.h:
+ (WebKit):
+ (WebKit::WebScopedUserGesture::WebScopedUserGesture):
+ (WebScopedUserGesture):
+ * public/WebUserGestureIndicator.h:
+ (WebKit):
+ (WebUserGestureIndicator):
+ * public/WebUserGestureToken.h: Copied from Source/WebKit/chromium/public/WebScopedUserGesture.h.
+ (WebCore):
+ (WebKit):
+ (WebUserGestureToken):
+ (WebKit::WebUserGestureToken::WebUserGestureToken):
+ (WebKit::WebUserGestureToken::operator=):
+ (WebKit::WebUserGestureToken::~WebUserGestureToken):
+ (WebKit::WebUserGestureToken::isNull):
+ * src/WebScopedUserGesture.cpp:
+ (WebKit::WebScopedUserGesture::initializeWithToken):
+ (WebKit):
+ * src/WebUserGestureIndicator.cpp:
+ (WebKit::WebUserGestureIndicator::currentUserGestureToken):
+ (WebKit):
+ * src/WebUserGestureToken.cpp: Copied from Source/WebKit/chromium/src/WebUserGestureIndicator.cpp.
+ (WebKit):
+ (WebKit::WebUserGestureToken::WebUserGestureToken):
+ (WebKit::WebUserGestureToken::operator WebCore::UserGestureToken*):
+ (WebKit::WebUserGestureToken::assign):
+ (WebKit::WebUserGestureToken::reset):
+ * tests/WebUserGestureTokenTest.cpp: Copied from Source/WebKit/chromium/src/WebUserGestureIndicator.cpp.
+ (WebCore):
+ (WebCore::TEST):
+
2013-03-06 David Dorwin <[email protected]>
[chromium] Fix typo: destoryPage() => destroyPage()
Modified: trunk/Source/WebKit/chromium/WebKit.gyp (145045 => 145046)
--- trunk/Source/WebKit/chromium/WebKit.gyp 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/WebKit.gyp 2013-03-07 08:12:31 UTC (rev 145046)
@@ -277,6 +277,7 @@
'public/WebTimeRange.h',
'public/WebURLLoaderOptions.h',
'public/WebUserGestureIndicator.h',
+ 'public/WebUserGestureToken.h',
'public/WebUserMediaClient.h',
'public/WebUserMediaRequest.h',
'public/WebView.h',
@@ -577,6 +578,7 @@
'src/WebScopedUserGesture.cpp',
'src/WebTextFieldDecoratorClient.cpp',
'src/WebUserGestureIndicator.cpp',
+ 'src/WebUserGestureToken.cpp',
'src/WebUserMediaRequest.cpp',
'src/WebViewBenchmarkSupportImpl.cpp',
'src/WebViewBenchmarkSupportImpl.h',
Modified: trunk/Source/WebKit/chromium/WebKit.gypi (145045 => 145046)
--- trunk/Source/WebKit/chromium/WebKit.gypi 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/WebKit.gypi 2013-03-07 08:12:31 UTC (rev 145046)
@@ -123,6 +123,7 @@
'tests/WebPageNewSerializerTest.cpp',
'tests/WebPageSerializerTest.cpp',
'tests/WebPluginContainerTest.cpp',
+ 'tests/WebUserGestureTokenTest.cpp',
'tests/WebSocketDeflaterTest.cpp',
'tests/WebSocketExtensionDispatcherTest.cpp',
'tests/WebURLRequestTest.cpp',
Modified: trunk/Source/WebKit/chromium/public/WebScopedUserGesture.h (145045 => 145046)
--- trunk/Source/WebKit/chromium/public/WebScopedUserGesture.h 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/public/WebScopedUserGesture.h 2013-03-07 08:12:31 UTC (rev 145046)
@@ -39,17 +39,30 @@
namespace WebKit {
+class WebUserGestureToken;
+
// An instance of this class, while kept alive, will indicate that we are in
// the context of a known user gesture. To use, create one, perform whatever
// actions were done under color of a known user gesture, and then delete it.
// Usually this will be done on the stack.
+//
+// SECURITY WARNING: Do not create several instances of this class for the same
+// user gesture. Doing so might enable malicious code to work around certain
+// restrictions such as opening multiple windows.
+// Instead, obtain the current WebUserGestureToken from the
+// WebUserGestureIndicator, and use this token to create a
+// WebScopedUserGesture. If the token was alrady consumed, the new
+// WebScopedUserGesture will not indicate that we are in the context of a user
+// gesture.
class WebScopedUserGesture {
public:
+ explicit WebScopedUserGesture(const WebUserGestureToken& token) { initializeWithToken(token); }
WebScopedUserGesture() { initialize(); }
~WebScopedUserGesture() { reset(); }
private:
WEBKIT_EXPORT void initialize();
+ WEBKIT_EXPORT void initializeWithToken(const WebUserGestureToken&);
WEBKIT_EXPORT void reset();
WebPrivateOwnPtr<WebCore::UserGestureIndicator> m_indicator;
Modified: trunk/Source/WebKit/chromium/public/WebUserGestureIndicator.h (145045 => 145046)
--- trunk/Source/WebKit/chromium/public/WebUserGestureIndicator.h 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/public/WebUserGestureIndicator.h 2013-03-07 08:12:31 UTC (rev 145046)
@@ -35,6 +35,8 @@
namespace WebKit {
+class WebUserGestureToken;
+
class WebUserGestureIndicator {
public:
// Returns true if a user gesture is currently being processed.
@@ -42,6 +44,11 @@
// Returns true if a consumable gesture exists and has been successfully consumed.
WEBKIT_EXPORT static bool consumeUserGesture();
+
+ // Returns a token for the currently active user gesture. It can be used to
+ // continue processing the user gesture later on using a
+ // WebScopedUserGesture.
+ WEBKIT_EXPORT static WebUserGestureToken currentUserGestureToken();
};
}
Copied: trunk/Source/WebKit/chromium/public/WebUserGestureToken.h (from rev 145045, trunk/Source/WebKit/chromium/public/WebScopedUserGesture.h) (0 => 145046)
--- trunk/Source/WebKit/chromium/public/WebUserGestureToken.h (rev 0)
+++ trunk/Source/WebKit/chromium/public/WebUserGestureToken.h 2013-03-07 08:12:31 UTC (rev 145046)
@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2013 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef WebUserGestureToken_h
+#define WebUserGestureToken_h
+
+#include "../../../Platform/chromium/public/WebPrivatePtr.h"
+
+namespace WebCore {
+class UserGestureToken;
+}
+
+namespace WebKit {
+
+// A WebUserGestureToken allows for storing the user gesture state of the
+// currently active context and reinstantiating it later on to continue
+// processing the user gesture in case it was not consumed meanwhile.
+class WebUserGestureToken {
+public:
+ WebUserGestureToken() { }
+ WebUserGestureToken(const WebUserGestureToken& other) { assign(other); }
+ WebUserGestureToken& operator=(const WebUserGestureToken& other)
+ {
+ assign(other);
+ return *this;
+ }
+ ~WebUserGestureToken() { reset(); }
+
+ bool isNull() const { return m_token.isNull(); }
+
+#if WEBKIT_IMPLEMENTATION
+ explicit WebUserGestureToken(PassRefPtr<WebCore::UserGestureToken>);
+ operator PassRefPtr<WebCore::UserGestureToken>() const;
+#endif
+
+private:
+ WEBKIT_EXPORT void assign(const WebUserGestureToken&);
+ WEBKIT_EXPORT void reset();
+
+ WebPrivatePtr<WebCore::UserGestureToken> m_token;
+};
+
+} // namespace WebKit
+
+#endif // WebUserGestureToken_h
Modified: trunk/Source/WebKit/chromium/src/WebScopedUserGesture.cpp (145045 => 145046)
--- trunk/Source/WebKit/chromium/src/WebScopedUserGesture.cpp 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/src/WebScopedUserGesture.cpp 2013-03-07 08:12:31 UTC (rev 145046)
@@ -32,6 +32,7 @@
#include "WebScopedUserGesture.h"
#include "UserGestureIndicator.h"
+#include "WebUserGestureToken.h"
namespace WebKit {
@@ -40,6 +41,12 @@
m_indicator.reset(new WebCore::UserGestureIndicator(WebCore::DefinitelyProcessingUserGesture));
}
+void WebScopedUserGesture::initializeWithToken(const WebUserGestureToken& token)
+{
+ if (!token.isNull())
+ m_indicator.reset(new WebCore::UserGestureIndicator(token));
+}
+
void WebScopedUserGesture::reset()
{
m_indicator.reset(0);
Modified: trunk/Source/WebKit/chromium/src/WebUserGestureIndicator.cpp (145045 => 145046)
--- trunk/Source/WebKit/chromium/src/WebUserGestureIndicator.cpp 2013-03-07 08:08:58 UTC (rev 145045)
+++ trunk/Source/WebKit/chromium/src/WebUserGestureIndicator.cpp 2013-03-07 08:12:31 UTC (rev 145046)
@@ -32,6 +32,7 @@
#include "WebUserGestureIndicator.h"
#include "UserGestureIndicator.h"
+#include "WebUserGestureToken.h"
using namespace WebCore;
@@ -47,4 +48,9 @@
return UserGestureIndicator::consumeUserGesture();
}
+WebUserGestureToken WebUserGestureIndicator::currentUserGestureToken()
+{
+ return WebUserGestureToken(UserGestureIndicator::currentToken());
+}
+
} // namespace WebKit
Copied: trunk/Source/WebKit/chromium/src/WebUserGestureToken.cpp (from rev 145045, trunk/Source/WebKit/chromium/src/WebUserGestureIndicator.cpp) (0 => 145046)
--- trunk/Source/WebKit/chromium/src/WebUserGestureToken.cpp (rev 0)
+++ trunk/Source/WebKit/chromium/src/WebUserGestureToken.cpp 2013-03-07 08:12:31 UTC (rev 145046)
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2013 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "WebUserGestureToken.h"
+
+#include "UserGestureIndicator.h"
+
+namespace WebKit {
+
+WebUserGestureToken::WebUserGestureToken(PassRefPtr<WebCore::UserGestureToken> token)
+{
+ m_token = token;
+}
+
+WebUserGestureToken::operator PassRefPtr<WebCore::UserGestureToken>() const
+{
+ return m_token.get();
+}
+
+void WebUserGestureToken::assign(const WebUserGestureToken& other)
+{
+ m_token = other.m_token;
+}
+
+void WebUserGestureToken::reset()
+{
+ m_token.reset();
+}
+
+} // namespace WebKit
Copied: trunk/Source/WebKit/chromium/tests/WebUserGestureTokenTest.cpp (from rev 145045, trunk/Source/WebKit/chromium/src/WebUserGestureIndicator.cpp) (0 => 145046)
--- trunk/Source/WebKit/chromium/tests/WebUserGestureTokenTest.cpp (rev 0)
+++ trunk/Source/WebKit/chromium/tests/WebUserGestureTokenTest.cpp 2013-03-07 08:12:31 UTC (rev 145046)
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2013 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include "WebUserGestureToken.h"
+
+#include "UserGestureIndicator.h"
+#include "WebScopedUserGesture.h"
+#include "WebUserGestureIndicator.h"
+#include <gtest/gtest.h>
+
+using namespace WebKit;
+using namespace WebCore;
+
+namespace {
+
+TEST(WebUserGestureTokenTest, Basic)
+{
+ WebUserGestureToken token;
+
+ {
+ WebScopedUserGesture indicator(token);
+ EXPECT_FALSE(WebUserGestureIndicator::isProcessingUserGesture());
+ }
+
+ {
+ UserGestureIndicator indicator(DefinitelyProcessingUserGesture);
+ EXPECT_TRUE(WebUserGestureIndicator::isProcessingUserGesture());
+ token = WebUserGestureIndicator::currentUserGestureToken();
+ }
+
+ EXPECT_FALSE(WebUserGestureIndicator::isProcessingUserGesture());
+
+ {
+ WebScopedUserGesture indicator(token);
+ EXPECT_TRUE(WebUserGestureIndicator::isProcessingUserGesture());
+ WebUserGestureIndicator::consumeUserGesture();
+ EXPECT_FALSE(WebUserGestureIndicator::isProcessingUserGesture());
+ }
+
+ {
+ WebScopedUserGesture indicator(token);
+ EXPECT_FALSE(WebUserGestureIndicator::isProcessingUserGesture());
+ }
+}
+
+}
