[webkit-changes] [168636] trunk

[mhock]

Title: [168636] trunk

Revision

168636

Author

mh...@apple.com

Date

2014-05-12 12:47:12 -0700 (Mon, 12 May 2014)

Log Message

Disallow drag and drop of non-displayable resources.
https://bugs.webkit.org/show_bug.cgi?id=132745
<rdar://problem/10562662>

Reviewed by Alexey Proskuryakov.

Source/WebCore:
Test: http/tests/security/drag-drop-local-file.html

* page/DragController.cpp:
(WebCore::DragController::startDrag):

LayoutTests:
* http/tests/security/drag-drop-local-file-expected.txt: Added.
* http/tests/security/drag-drop-local-file.html: Added.

Modified Paths

• trunk/LayoutTests/ChangeLog
• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/page/DragController.cpp

Added Paths

• trunk/LayoutTests/http/tests/security/drag-drop-local-file-expected.txt
• trunk/LayoutTests/http/tests/security/drag-drop-local-file.html

Diff

Modified: trunk/LayoutTests/ChangeLog (168635 => 168636)

--- trunk/LayoutTests/ChangeLog	2014-05-12 19:23:47 UTC (rev 168635)
+++ trunk/LayoutTests/ChangeLog	2014-05-12 19:47:12 UTC (rev 168636)
@@ -1,3 +1,14 @@
+2014-05-12  Martin Hock  <mh...@apple.com>
+
+        Disallow drag and drop of non-displayable resources.
+        https://bugs.webkit.org/show_bug.cgi?id=132745
+        <rdar://problem/10562662>
+
+        Reviewed by Alexey Proskuryakov.
+
+        * http/tests/security/drag-drop-local-file-expected.txt: Added.
+        * http/tests/security/drag-drop-local-file.html: Added.
+
 2014-05-12  Radu Stavila  <stav...@adobe.com>
 
         fast/multicol/newmulticol/first-letter-create.html is very flaky

Added: trunk/LayoutTests/http/tests/security/drag-drop-local-file-expected.txt (0 => 168636)

--- trunk/LayoutTests/http/tests/security/drag-drop-local-file-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/drag-drop-local-file-expected.txt	2014-05-12 19:47:12 UTC (rev 168636)
@@ -0,0 +1,3 @@
+CONSOLE MESSAGE: Not allowed to drag local resource: foobar
+ALERT: PASS
+Dragme 

Added: trunk/LayoutTests/http/tests/security/drag-drop-local-file.html (0 => 168636)

--- trunk/LayoutTests/http/tests/security/drag-drop-local-file.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/drag-drop-local-file.html	2014-05-12 19:47:12 UTC (rev 168636)
@@ -0,0 +1,36 @@
+<html>
+<head>
+<script>
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.waitUntilDone();
+}
+
+function moveToCenter(element)
+{
+    x = element.offsetParent.offsetLeft + element.offsetLeft + element.offsetWidth / 2;
+    y = element.offsetParent.offsetTop + element.offsetTop + element.offsetHeight / 2;
+    eventSender.mouseMoveTo(x, y);
+}
+
+function runTest() {
+
+    var x, y;
+    var span = document.getElementById("span");
+    moveToCenter(span);
+    eventSender.mouseDown();
+    eventSender.leapForward(500);
+    var input = document.getElementById("target");
+    moveToCenter(input);
+    eventSender.leapForward(500);
+    eventSender.mouseUp();
+
+    input.contentWindow.postMessage("go", "*");
+}
+</script>
+</head>
+<body _onload_="runTest()">
+<span id="span"><a href=""
+<iframe id="target" src=""
+</body>
+</html>

Modified: trunk/Source/WebCore/ChangeLog (168635 => 168636)

--- trunk/Source/WebCore/ChangeLog	2014-05-12 19:23:47 UTC (rev 168635)
+++ trunk/Source/WebCore/ChangeLog	2014-05-12 19:47:12 UTC (rev 168636)
@@ -1,3 +1,16 @@
+2014-05-12  Martin Hock  <mh...@apple.com>
+
+        Disallow drag and drop of non-displayable resources.
+        https://bugs.webkit.org/show_bug.cgi?id=132745
+        <rdar://problem/10562662>
+
+        Reviewed by Alexey Proskuryakov.
+
+        Test: http/tests/security/drag-drop-local-file.html
+
+        * page/DragController.cpp:
+        (WebCore::DragController::startDrag):
+
 2014-05-12  Jozsef Berta  <jberta.u-sze...@partner.samsung.com>
 
         WinCairo buildfix after r168611

Modified: trunk/Source/WebCore/page/DragController.cpp (168635 => 168636)

--- trunk/Source/WebCore/page/DragController.cpp	2014-05-12 19:23:47 UTC (rev 168635)
+++ trunk/Source/WebCore/page/DragController.cpp	2014-05-12 19:47:12 UTC (rev 168636)
@@ -791,6 +791,9 @@
             m_dragOffset = IntPoint(dragOrigin.x() - dragLoc.x(), dragOrigin.y() - dragLoc.y());
         }
         doSystemDrag(dragImage, dragLoc, dragOrigin, dataTransfer, src, false);
+    } else if (!src.document()->securityOrigin()->canDisplay(linkURL)) {
+        src.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to drag local resource: " + linkURL.stringCenterEllipsizedToLength());
+        startedDrag = false;
     } else if (!imageURL.isEmpty() && image && !image->isNull() && (m_dragSourceAction & DragSourceActionImage)) {
         // We shouldn't be starting a drag for an image that can't provide an extension.
         // This is an early detection for problems encountered later upon drop.

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes