Chromium Code Reviews

Side by Side Diff: content/public/common/drop_data.h

Issue 207013003: Mark drags starting in web content as tainted to avoid file path forgery (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Cleanup Created 6 years, 9 months ago
OLD NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // A struct for managing data being dropped on a WebContents. This represents 5 // A struct for managing data being dropped on a WebContents. This represents
6 // a union of all the types of data that can be dropped in a platform neutral 6 // a union of all the types of data that can be dropped in a platform neutral
7 // way. 7 // way.
8 8
9 #ifndef CONTENT_PUBLIC_COMMON_DROP_DATA_H_ 9 #ifndef CONTENT_PUBLIC_COMMON_DROP_DATA_H_
10 #define CONTENT_PUBLIC_COMMON_DROP_DATA_H_ 10 #define CONTENT_PUBLIC_COMMON_DROP_DATA_H_
(...skipping 17 matching lines...)
28 28
29 // The path of the file. 29 // The path of the file.
30 base::string16 path; 30 base::string16 path;
31 // The display name of the file. This field is optional. 31 // The display name of the file. This field is optional.
32 base::string16 display_name; 32 base::string16 display_name;
33 }; 33 };
34 34
35 DropData(); 35 DropData();
36 ~DropData(); 36 ~DropData();
37 37
38 // Whether this drag originated from a renderer.
39 bool did_originate_from_renderer;
40
38 // User is dragging a link into the webview. 41 // User is dragging a link into the webview.
39 GURL url; 42 GURL url;
40 base::string16 url_title; // The title associated with |url|. 43 base::string16 url_title; // The title associated with |url|.
41 44
42 // User is dragging a link out-of the webview. 45 // User is dragging a link out-of the webview.
43 base::string16 download_metadata; 46 base::string16 download_metadata;
44 47
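Review bot: `bool did_originate_from_renderer;` (new line 39) is a plain bool in a struct with a user-declared `DropData()` constructor, and nothing in this header shows it being given a default. Please make sure the constructor initializes it explicitly; an indeterminate value in the flag that decides whether `filenames` may be populated is the worst member to leave unset. The comment could also state which process is expected to set the flag and that a value supplied by web content must not be accepted, so the taint cannot be cleared by the party it is meant to constrain.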
45 // Referrer policy to use when dragging a link out of the webview results in 48 // Referrer policy to use when dragging a link out of the webview results in
46 // a download. 49 // a download.
47 blink::WebReferrerPolicy referrer_policy; 50 blink::WebReferrerPolicy referrer_policy;
48 51
49 // User is dropping one or more files on the webview. 52 // User is dropping one or more files on the webview. This field is only
53 // populated if the drag is not renderer tainted, as this allows File access
54 // from web content.
50 std::vector<FileInfo> filenames; 55 std::vector<FileInfo> filenames;
51 56
52 // Isolated filesystem ID for the files being dragged on the webview. 57 // Isolated filesystem ID for the files being dragged on the webview.
53 base::string16 filesystem_id; 58 base::string16 filesystem_id;
54 59
55 // User is dragging plain text into the webview. 60 // User is dragging plain text into the webview.
56 base::NullableString16 text; 61 base::NullableString16 text;
57 62
58 // User is dragging text/html into the webview (e.g., out of Firefox). 63 // User is dragging text/html into the webview (e.g., out of Firefox).
59 // |html_base_url| is the URL that the html fragment is taken from (used to 64 // |html_base_url| is the URL that the html fragment is taken from (used to
60 // resolve relative links). It's ok for |html_base_url| to be empty. 65 // resolve relative links). It's ok for |html_base_url| to be empty.
61 base::NullableString16 html; 66 base::NullableString16 html;
62 GURL html_base_url; 67 GURL html_base_url;
63 68
64 // User is dragging data from the webview (e.g., an image). 69 // User is dragging data from the webview (e.g., an image).
65 base::string16 file_description_filename; 70 base::string16 file_description_filename;
66 std::string file_contents; 71 std::string file_contents;
67 72
68 std::map<base::string16, base::string16> custom_data; 73 std::map<base::string16, base::string16> custom_data;
69 }; 74 };
70 75
71 } // namespace content 76 } // namespace content
72 77
73 #endif // CONTENT_PUBLIC_COMMON_DROP_DATA_H_ 78 #endif // CONTENT_PUBLIC_COMMON_DROP_DATA_H_
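Review bot: the new comment on `filenames` (new lines 52-54) speaks of a drag being "renderer tainted", a term this header never defines. Name the field instead, for example "only populated if |did_originate_from_renderer| is false", so the two declarations are visibly linked. The restriction is also only a comment here: say where it is enforced, and whether `filesystem_id` just below, which also describes files being dragged onto the webview, falls under the same rule.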