Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1876)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/public/common/drop_data.h

Issue 207013003: Mark drags starting in web content as tainted to avoid file path forgery (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: More fixes and comment Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/web_contents/web_drag_source_gtk.cc ('k') | ui/base/clipboard/clipboard_aurax11.cc » ('j') | ui/base/clipboard/clipboard_aurax11.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/public/common/drop_data.h
diff --git a/content/public/common/drop_data.h b/content/public/common/drop_data.h
index 74ad79ddd71d1c1d101917889d542de2c841cd1b..a903ffccc9d8ebd530a4c69c47846111cda1cff5 100644
--- a/content/public/common/drop_data.h
+++ b/content/public/common/drop_data.h
@@ -46,7 +46,9 @@ struct CONTENT_EXPORT DropData {
// a download.
blink::WebReferrerPolicy referrer_policy;
- // User is dropping one or more files on the webview.
+ // User is dropping one or more files on the webview. This field is only
+ // populated if the drag is not renderer tainted, as this allows File access
+ // from web content.
std::vector<FileInfo> filenames;
// Isolated filesystem ID for the files being dragged on the webview.
« no previous file with comments | « content/browser/web_contents/web_drag_source_gtk.cc ('k') | ui/base/clipboard/clipboard_aurax11.cc » ('j') | ui/base/clipboard/clipboard_aurax11.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698