Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(246)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/web_contents/web_drag_source_gtk.cc

Issue 207013003: Mark drags starting in web content as tainted to avoid file path forgery (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: More fixes and comment Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/web_contents/web_drag_dest_mac.mm ('k') | content/public/common/drop_data.h » ('j') | ui/base/clipboard/clipboard_aurax11.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/web_contents/web_drag_source_gtk.cc
diff --git a/content/browser/web_contents/web_drag_source_gtk.cc b/content/browser/web_contents/web_drag_source_gtk.cc
index a515e23bd5406dd3438dbcaf22b554042ad4929e..68a79f90e0e16a09390fb351a86fc84e0e71cf0b 100644
--- a/content/browser/web_contents/web_drag_source_gtk.cc
+++ b/content/browser/web_contents/web_drag_source_gtk.cc
@@ -79,7 +79,7 @@ bool WebDragSourceGtk::StartDragging(const DropData& drop_data,
return false;
}
- int targets_mask = 0;
+ int targets_mask = ui::RENDERER_TAINT;
if (!drop_data.text.string().empty())
targets_mask |= ui::TEXT_PLAIN;
@@ -285,6 +285,17 @@ void WebDragSourceGtk::OnDragDataGet(GtkWidget* sender,
break;
}
+ case ui::RENDERER_TAINT: {
+ static const char kPlaceholder[] = "x";
+ gtk_selection_data_set(
+ selection_data,
+ ui::GetAtomForTarget(ui::RENDERER_TAINT),
+ kBitsPerByte,
+ reinterpret_cast<const guchar*>(kPlaceholder),
+ strlen(kPlaceholder));
+ break;
+ }
+
default:
NOTREACHED();
}
« no previous file with comments | « content/browser/web_contents/web_drag_dest_mac.mm ('k') | content/public/common/drop_data.h » ('j') | ui/base/clipboard/clipboard_aurax11.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698