[webkit-changes] [182746] trunk/Source/WebKit2

[timothy_horton]

Title: [182746] trunk/Source/WebKit2

Revision

182746

Author

timothy_hor...@apple.com

Date

2015-04-13 11:38:39 -0700 (Mon, 13 Apr 2015)

Log Message

_javascript_: links in inline PDFs shouldn't execute _javascript_ in the context of the host website
https://bugs.webkit.org/show_bug.cgi?id=143642
<rdar://problem/18259355>

Reviewed by Darin Adler.

* WebProcess/Plugins/PDF/PDFPlugin.mm:
(WebKit::PDFPlugin::clickedLink):
Don't follow _javascript_: URLs.

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/WebProcess/Plugins/PDF/PDFPlugin.mm

Diff

Modified: trunk/Source/WebKit2/ChangeLog (182745 => 182746)

--- trunk/Source/WebKit2/ChangeLog	2015-04-13 18:08:33 UTC (rev 182745)
+++ trunk/Source/WebKit2/ChangeLog	2015-04-13 18:38:39 UTC (rev 182746)
@@ -1,3 +1,15 @@
+2015-04-13  Timothy Horton  <timothy_hor...@apple.com>
+
+        _javascript_: links in inline PDFs shouldn't execute _javascript_ in the context of the host website
+        https://bugs.webkit.org/show_bug.cgi?id=143642
+        <rdar://problem/18259355>
+
+        Reviewed by Darin Adler.
+
+        * WebProcess/Plugins/PDF/PDFPlugin.mm:
+        (WebKit::PDFPlugin::clickedLink):
+        Don't follow _javascript_: URLs.
+
 2015-04-10  Alex Christensen  <achristen...@webkit.org>
 
         [Content Extensions] Don't unmap shared memory while using it.

Modified: trunk/Source/WebKit2/WebProcess/Plugins/PDF/PDFPlugin.mm (182745 => 182746)

--- trunk/Source/WebKit2/WebProcess/Plugins/PDF/PDFPlugin.mm	2015-04-13 18:08:33 UTC (rev 182745)
+++ trunk/Source/WebKit2/WebProcess/Plugins/PDF/PDFPlugin.mm	2015-04-13 18:38:39 UTC (rev 182746)
@@ -1563,13 +1563,17 @@
 
 void PDFPlugin::clickedLink(NSURL *url)
 {
+    URL coreURL = url;
+    if (protocolIsJavaScript(coreURL))
+        return;
+
     Frame* frame = webFrame()->coreFrame();
 
     RefPtr<Event> coreEvent;
     if (m_lastMouseEvent.type() != WebEvent::NoType)
         coreEvent = MouseEvent::create(eventNames().clickEvent, frame->document()->defaultView(), platform(m_lastMouseEvent), 0, 0);
 
-    frame->loader().urlSelected(url, emptyString(), coreEvent.get(), LockHistory::No, LockBackForwardList::No, MaybeSendReferrer);
+    frame->loader().urlSelected(coreURL, emptyString(), coreEvent.get(), LockHistory::No, LockBackForwardList::No, MaybeSendReferrer);
 }
 
 void PDFPlugin::setActiveAnnotation(PDFAnnotation *annotation)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes