Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(559)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ui/file_manager/file_manager/foreground/elements/files_safe_media.js

Issue 2181953003: Improved security of Quick View by rendering videos and audios inside webview. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Nit Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « ui/file_manager/file_manager/foreground/elements/files_safe_media.html ('k') | ui/file_manager/file_manager/foreground/elements/files_safe_video_webview_content.css » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 var FILES_APP_ORIGIN = 'chrome-extension://hhaomjibdihmijegdhdafkllkbggdgoj'; 5 var FILES_APP_ORIGIN = 'chrome-extension://hhaomjibdihmijegdhdafkllkbggdgoj';
6 6
7 /** 7 /**
8 * Polymer element to render an image securely inside webview. 8 * Polymer element to render a media securely inside webview.
9 * When tapped, files-safe-img-tap-inside or 9 * When tapped, files-safe-media-tap-inside or
10 * files-safe-img-tap-outside events are fired depending on the position 10 * files-safe-media-tap-outside events are fired depending on the position
11 * of the tap. 11 * of the tap.
12 */ 12 */
13 var FilesSafeImg = Polymer({ 13 var FilesSafeMedia = Polymer({
14 is: 'files-safe-img', 14 is: 'files-safe-media',
15 15
16 properties: { 16 properties: {
17 // URL accessible from webview. 17 // URL accessible from webview.
18 src: { 18 src: {
19 type: String, 19 type: String,
20 observer: 'onSrcChange_', 20 observer: 'onSrcChange_',
21 reflectToAttribute: true 21 reflectToAttribute: true
22 },
23 type: {
24 type: String,
25 readonly: true,
22 } 26 }
23 }, 27 },
24 28
25 listeners: {'src-changed': 'onSrcChange_'}, 29 listeners: {'src-changed': 'onSrcChange_'},
26 30
31 /**
32 * @return {string}
33 */
34 sourceFile_: function() {
35 switch (this.type) {
36 case 'image':
37 return 'foreground/elements/files_safe_img_webview_content.html';
38 case 'audio':
39 return 'foreground/elements/files_safe_audio_webview_content.html';
40 case 'video':
41 return 'foreground/elements/files_safe_video_webview_content.html';
42 default:
43 console.error('Unsupported type: ' + this.type);
44 return '';
45 }
46 },
47
27 onSrcChange_: function() { 48 onSrcChange_: function() {
28 if (!this.src && this.webview_) { 49 if (!this.src && this.webview_) {
29 // Remove webview to clean up unnecessary processes. 50 // Remove webview to clean up unnecessary processes.
30 Polymer.dom(this.$.content).removeChild(this.webview_); 51 Polymer.dom(this.$.content).removeChild(this.webview_);
31 this.webview_ = null; 52 this.webview_ = null;
32 } else if (this.src && !this.webview_) { 53 } else if (this.src && !this.webview_) {
33 // Create webview node only if src exists to save resouces. 54 // Create webview node only if src exists to save resouces.
34 var webview = document.createElement('webview'); 55 var webview = document.createElement('webview');
35 this.webview_ = webview; 56 this.webview_ = webview;
36 webview.partition = 'trusted'; 57 webview.partition = 'trusted';
37 webview.allowtransparency = 'true'; 58 webview.allowtransparency = 'true';
38 Polymer.dom(this.$.content).appendChild(webview); 59 Polymer.dom(this.$.content).appendChild(webview);
39 webview.addEventListener( 60 webview.addEventListener(
40 'contentload', this.onSrcChange_.bind(this)); 61 'contentload', this.onSrcChange_.bind(this));
41 webview.src = 'foreground/elements/files_safe_img_webview_content.html'; 62 webview.src = this.sourceFile_();
42 } else if (this.src && this.webview_.contentWindow) { 63 } else if (this.src && this.webview_.contentWindow) {
43 this.webview_.contentWindow.postMessage(this.src, FILES_APP_ORIGIN); 64 this.webview_.contentWindow.postMessage(this.src, FILES_APP_ORIGIN);
44 } 65 }
45 }, 66 },
46 67
47 created: function() { 68 created: function() {
48 /** 69 /**
49 * @type {HTMLElement} 70 * @type {HTMLElement}
50 */ 71 */
51 this.webview_ = null; 72 this.webview_ = null;
52 }, 73 },
53 74
54 ready: function() { 75 ready: function() {
55 window.addEventListener('message', function(event) { 76 window.addEventListener('message', function(event) {
56 if (event.origin !== FILES_APP_ORIGIN) { 77 if (event.origin !== FILES_APP_ORIGIN) {
57 console.error('Unknown origin.'); 78 console.log('Unknown origin.');
58 return; 79 return;
59 } 80 }
60 if (event.data === 'tap-inside') { 81 if (event.data === 'tap-inside') {
61 this.fire('files-safe-img-tap-inside'); 82 this.fire('files-safe-media-tap-inside');
62 } else if (event.data === 'tap-outside') { 83 } else if (event.data === 'tap-outside') {
63 this.fire('files-safe-img-tap-outside'); 84 this.fire('files-safe-media-tap-outside');
64 } 85 }
65 }.bind(this)); 86 }.bind(this));
66 } 87 }
67 }); 88 });
OLDNEW
« no previous file with comments | « ui/file_manager/file_manager/foreground/elements/files_safe_media.html ('k') | ui/file_manager/file_manager/foreground/elements/files_safe_video_webview_content.css » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698