| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ | 5 #ifndef UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ |
| 6 #define UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ | 6 #define UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ |
| 7 | 7 |
| 8 #include "build/build_config.h" | 8 #include "build/build_config.h" |
| 9 | 9 |
| 10 #include <set> | 10 #include <set> |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 95 | 95 |
| 96 // Provider defines the platform specific part of OSExchangeData that | 96 // Provider defines the platform specific part of OSExchangeData that |
| 97 // interacts with the native system. | 97 // interacts with the native system. |
| 98 class UI_BASE_EXPORT Provider { | 98 class UI_BASE_EXPORT Provider { |
| 99 public: | 99 public: |
| 100 Provider() {} | 100 Provider() {} |
| 101 virtual ~Provider() {} | 101 virtual ~Provider() {} |
| 102 | 102 |
| 103 virtual Provider* Clone() const = 0; | 103 virtual Provider* Clone() const = 0; |
| 104 | 104 |
| 105 virtual void MarkOriginatedFromRenderer() = 0; |
| 106 virtual bool DidOriginateFromRenderer() const = 0; |
| 107 |
| 105 virtual void SetString(const base::string16& data) = 0; | 108 virtual void SetString(const base::string16& data) = 0; |
| 106 virtual void SetURL(const GURL& url, const base::string16& title) = 0; | 109 virtual void SetURL(const GURL& url, const base::string16& title) = 0; |
| 107 virtual void SetFilename(const base::FilePath& path) = 0; | 110 virtual void SetFilename(const base::FilePath& path) = 0; |
| 108 virtual void SetFilenames( | 111 virtual void SetFilenames( |
| 109 const std::vector<FileInfo>& file_names) = 0; | 112 const std::vector<FileInfo>& file_names) = 0; |
| 110 virtual void SetPickledData(const CustomFormat& format, | 113 virtual void SetPickledData(const CustomFormat& format, |
| 111 const Pickle& data) = 0; | 114 const Pickle& data) = 0; |
| 112 | 115 |
| 113 virtual bool GetString(base::string16* data) const = 0; | 116 virtual bool GetString(base::string16* data) const = 0; |
| 114 virtual bool GetURLAndTitle(FilenameToURLPolicy policy, | 117 virtual bool GetURLAndTitle(FilenameToURLPolicy policy, |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 156 // Creates an OSExchangeData with the specified provider. OSExchangeData | 159 // Creates an OSExchangeData with the specified provider. OSExchangeData |
| 157 // takes ownership of the supplied provider. | 160 // takes ownership of the supplied provider. |
| 158 explicit OSExchangeData(Provider* provider); | 161 explicit OSExchangeData(Provider* provider); |
| 159 | 162 |
| 160 ~OSExchangeData(); | 163 ~OSExchangeData(); |
| 161 | 164 |
| 162 // Returns the Provider, which actually stores and manages the data. | 165 // Returns the Provider, which actually stores and manages the data. |
| 163 const Provider& provider() const { return *provider_; } | 166 const Provider& provider() const { return *provider_; } |
| 164 Provider& provider() { return *provider_; } | 167 Provider& provider() { return *provider_; } |
| 165 | 168 |
| 169 // Marks drag data as tainted if it originates from the renderer. This is used |
| 170 // to avoid granting privileges to a renderer when dragging in tainted data, |
| 171 // since it could allow potential escalation of privileges. |
| 172 void MarkOriginatedFromRenderer(); |
| 173 bool DidOriginateFromRenderer() const; |
| 174 |
| 166 // These functions add data to the OSExchangeData object of various Chrome | 175 // These functions add data to the OSExchangeData object of various Chrome |
| 167 // types. The OSExchangeData object takes care of translating the data into | 176 // types. The OSExchangeData object takes care of translating the data into |
| 168 // a format suitable for exchange with the OS. | 177 // a format suitable for exchange with the OS. |
| 169 // NOTE WELL: Typically, a data object like this will contain only one of the | 178 // NOTE WELL: Typically, a data object like this will contain only one of the |
| 170 // following types of data. In cases where more data is held, the | 179 // following types of data. In cases where more data is held, the |
| 171 // order in which these functions are called is _important_! | 180 // order in which these functions are called is _important_! |
| 172 // ---> The order types are added to an OSExchangeData object controls | 181 // ---> The order types are added to an OSExchangeData object controls |
| 173 // the order of enumeration in our IEnumFORMATETC implementation! | 182 // the order of enumeration in our IEnumFORMATETC implementation! |
| 174 // This comes into play when selecting the best (most preferable) | 183 // This comes into play when selecting the best (most preferable) |
| 175 // data type for insertion into a DropTarget. | 184 // data type for insertion into a DropTarget. |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 233 private: | 242 private: |
| 234 // Provides the actual data. | 243 // Provides the actual data. |
| 235 scoped_ptr<Provider> provider_; | 244 scoped_ptr<Provider> provider_; |
| 236 | 245 |
| 237 DISALLOW_COPY_AND_ASSIGN(OSExchangeData); | 246 DISALLOW_COPY_AND_ASSIGN(OSExchangeData); |
| 238 }; | 247 }; |
| 239 | 248 |
| 240 } // namespace ui | 249 } // namespace ui |
| 241 | 250 |
| 242 #endif // UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ | 251 #endif // UI_BASE_DRAGDROP_OS_EXCHANGE_DATA_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 207013003:
Mark drags starting in web content as tainted to avoid file path forgery (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src