Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(711)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: ui/base/dragdrop/os_exchange_data_provider_aura.cc

Issue 207013003: Mark drags starting in web content as tainted to avoid file path forgery (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: More fixes and comment Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« ui/base/dragdrop/os_exchange_data.h ('K') | « ui/base/dragdrop/os_exchange_data_provider_aura.h ('k') | ui/base/dragdrop/os_exchange_data_provider_aurax11.h » ('j') | ui/base/dragdrop/os_exchange_data_provider_aurax11.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: ui/base/dragdrop/os_exchange_data_provider_aura.cc
diff --git a/ui/base/dragdrop/os_exchange_data_provider_aura.cc b/ui/base/dragdrop/os_exchange_data_provider_aura.cc
index f98cf9cc0246d520328ebf28c0c9c4297f334e03..dd4a9b654568f766293e6b007f7111a10f7ebec5 100644
--- a/ui/base/dragdrop/os_exchange_data_provider_aura.cc
+++ b/ui/base/dragdrop/os_exchange_data_provider_aura.cc
@@ -33,6 +33,15 @@ OSExchangeData::Provider* OSExchangeDataProviderAura::Clone() const {
return ret;
}
+void OSExchangeDataProviderAura::MarkRendererTainted() {
+ // TODO(dcheng): Currently unneeded because ChromeOS Aura correctly separates
+ // URL and filename metadata, and does not implement the DownloadURL protocol.
tony 2014/03/21 23:09:00 I worry that someone will implement DownloadURL an
dcheng 2014/03/21 23:57:07 Implementing this breaks dragging and dropping fil
+}
+
+bool OSExchangeDataProviderAura::IsRendererTainted() const {
+ return false;
+}
+
void OSExchangeDataProviderAura::SetString(const base::string16& data) {
string_ = data;
formats_ |= OSExchangeData::STRING;
« ui/base/dragdrop/os_exchange_data.h ('K') | « ui/base/dragdrop/os_exchange_data_provider_aura.h ('k') | ui/base/dragdrop/os_exchange_data_provider_aurax11.h » ('j') | ui/base/dragdrop/os_exchange_data_provider_aurax11.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698