| Index: ui/base/dragdrop/os_exchange_data_provider_win.cc
|
| diff --git a/ui/base/dragdrop/os_exchange_data_provider_win.cc b/ui/base/dragdrop/os_exchange_data_provider_win.cc
|
| index fa2052a10b1f291866e8c26886d6dadad47a8379..1ad3e05b0ea0fcd3f269d2e2fe708a9100839bc9 100644
|
| --- a/ui/base/dragdrop/os_exchange_data_provider_win.cc
|
| +++ b/ui/base/dragdrop/os_exchange_data_provider_win.cc
|
| @@ -23,6 +23,14 @@
|
|
|
| namespace ui {
|
|
|
| +static const OSExchangeData::CustomFormat& GetRendererTaintCustomType() {
|
| + CR_DEFINE_STATIC_LOCAL(
|
| + ui::OSExchangeData::CustomFormat,
|
| + format,
|
| + (ui::Clipboard::GetFormatType("chromium/x-renderer-taint")));
|
| + return format;
|
| +}
|
| +
|
| // Creates a new STGMEDIUM object to hold the specified text. The caller
|
| // owns the resulting object. The "Bytes" version does not NULL terminate, the
|
| // string version does.
|
| @@ -269,6 +277,16 @@ OSExchangeData::Provider* OSExchangeDataProviderWin::Clone() const {
|
| return new OSExchangeDataProviderWin(data_object());
|
| }
|
|
|
| +void OSExchangeDataProviderWin::MarkRendererTainted() {
|
| + STGMEDIUM* storage = GetStorageForString(std::string());
|
| + data_->contents_.push_back(new DataObjectImpl::StoredDataInfo(
|
| + GetRendererTaintCustomType().ToFormatEtc(), storage));
|
| +}
|
| +
|
| +bool OSExchangeDataProviderWin::IsRendererTainted() const {
|
| + return HasCustomFormat(GetRendererTaintCustomType());
|
| +}
|
| +
|
| void OSExchangeDataProviderWin::SetString(const base::string16& data) {
|
| STGMEDIUM* storage = GetStorageForString(data);
|
| data_->contents_.push_back(new DataObjectImpl::StoredDataInfo(
|
|
|
Chromium Code Reviews
Issue 207013003:
Mark drags starting in web content as tainted to avoid file path forgery (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src