Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(614)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ui/views/tabs/tab_strip.cc

Issue 2323273003: Ignore Javascript urls dropped on tabs (Closed)
Patch Set: Address nits Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/views/tabs/tab_strip.h" 5 #include "chrome/browser/ui/views/tabs/tab_strip.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include <algorithm> 9 #include <algorithm>
10 #include <iterator> 10 #include <iterator>
(...skipping 1608 matching lines...) Expand 10 before | Expand all | Expand 10 after
1619 if (url.SchemeIsFile()) 1619 if (url.SchemeIsFile())
1620 controller_->CheckFileSupported(url); 1620 controller_->CheckFileSupported(url);
1621 } 1621 }
1622 } 1622 }
1623 1623
1624 int TabStrip::OnDragUpdated(const DropTargetEvent& event) { 1624 int TabStrip::OnDragUpdated(const DropTargetEvent& event) {
1625 // Update the drop index even if the file is unsupported, to allow 1625 // Update the drop index even if the file is unsupported, to allow
1626 // dragging a file to the contents of another tab. 1626 // dragging a file to the contents of another tab.
1627 UpdateDropIndex(event); 1627 UpdateDropIndex(event);
1628 1628
1629 if (!drop_info_->file_supported) 1629 if (!drop_info_->file_supported ||
1630 drop_info_->url.SchemeIs(url::kJavaScriptScheme))
1630 return ui::DragDropTypes::DRAG_NONE; 1631 return ui::DragDropTypes::DRAG_NONE;
1631 1632
1632 return GetDropEffect(event); 1633 return GetDropEffect(event);
1633 } 1634 }
1634 1635
1635 void TabStrip::OnDragExited() { 1636 void TabStrip::OnDragExited() {
1636 SetDropIndex(-1, false); 1637 SetDropIndex(-1, false);
1637 } 1638 }
1638 1639
1639 int TabStrip::OnPerformDrop(const DropTargetEvent& event) { 1640 int TabStrip::OnPerformDrop(const DropTargetEvent& event) {
1640 if (!drop_info_.get()) 1641 if (!drop_info_.get())
1641 return ui::DragDropTypes::DRAG_NONE; 1642 return ui::DragDropTypes::DRAG_NONE;
1642 1643
1643 const int drop_index = drop_info_->drop_index; 1644 const int drop_index = drop_info_->drop_index;
1644 const bool drop_before = drop_info_->drop_before; 1645 const bool drop_before = drop_info_->drop_before;
1645 const bool file_supported = drop_info_->file_supported; 1646 const bool file_supported = drop_info_->file_supported;
1646 1647
1647 // Hide the drop indicator. 1648 // Hide the drop indicator.
1648 SetDropIndex(-1, false); 1649 SetDropIndex(-1, false);
1649 1650
1650 // Do nothing if the file was unsupported or the URL is invalid. The URL may 1651 // Do nothing if the file was unsupported, the URL is invalid, or this is a
1651 // have been changed after |drop_info_| was created. 1652 // javascript: URL (prevent self-xss). The URL may have been changed after
1653 // |drop_info_| was created.
1652 GURL url; 1654 GURL url;
1653 base::string16 title; 1655 base::string16 title;
1654 if (!file_supported || 1656 if (!file_supported ||
1655 !event.data().GetURLAndTitle( 1657 !event.data().GetURLAndTitle(
1656 ui::OSExchangeData::CONVERT_FILENAMES, &url, &title) || 1658 ui::OSExchangeData::CONVERT_FILENAMES, &url, &title) ||
1657 !url.is_valid()) 1659 !url.is_valid() ||
1660 url.SchemeIs(url::kJavaScriptScheme))
1658 return ui::DragDropTypes::DRAG_NONE; 1661 return ui::DragDropTypes::DRAG_NONE;
1659 1662
1660 controller_->PerformDrop(drop_before, drop_index, url); 1663 controller_->PerformDrop(drop_before, drop_index, url);
1661 1664
1662 return GetDropEffect(event); 1665 return GetDropEffect(event);
1663 } 1666 }
1664 1667
1665 void TabStrip::GetAccessibleState(ui::AXViewState* state) { 1668 void TabStrip::GetAccessibleState(ui::AXViewState* state) {
1666 state->role = ui::AX_ROLE_TAB_LIST; 1669 state->role = ui::AX_ROLE_TAB_LIST;
1667 } 1670 }
(...skipping 1218 matching lines...) Expand 10 before | Expand all | Expand 10 after
2886 ConvertPointToViewAndGetEventHandler(this, newtab_button_, point); 2889 ConvertPointToViewAndGetEventHandler(this, newtab_button_, point);
2887 if (view) 2890 if (view)
2888 return view; 2891 return view;
2889 } 2892 }
2890 Tab* tab = FindTabForEvent(point); 2893 Tab* tab = FindTabForEvent(point);
2891 if (tab) 2894 if (tab)
2892 return ConvertPointToViewAndGetEventHandler(this, tab, point); 2895 return ConvertPointToViewAndGetEventHandler(this, tab, point);
2893 } 2896 }
2894 return this; 2897 return this;
2895 } 2898 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698