Chromium Code Reviews Chromium Code Reviews
Issue 2346023002:
Ignore Javascript urls dropped on tabs (Mac version) (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import "chrome/browser/ui/cocoa/tabs/tab_strip_controller.h" | 5 #import "chrome/browser/ui/cocoa/tabs/tab_strip_controller.h" |
| 6 | 6 |
| 7 #import <QuartzCore/QuartzCore.h> | 7 #import <QuartzCore/QuartzCore.h> |
| 8 | 8 |
| 9 #include <cmath> | 9 #include <cmath> |
| 10 #include <limits> | 10 #include <limits> |
| (...skipping 2048 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2059 } | 2059 } |
| 2060 | 2060 |
| 2061 - (void)openURL:(GURL*)url inView:(NSView*)view at:(NSPoint)point { | 2061 - (void)openURL:(GURL*)url inView:(NSView*)view at:(NSPoint)point { |
| 2062 // Get the index and disposition. | 2062 // Get the index and disposition. |
| 2063 NSInteger index; | 2063 NSInteger index; |
| 2064 WindowOpenDisposition disposition; | 2064 WindowOpenDisposition disposition; |
| 2065 [self droppingURLsAt:point | 2065 [self droppingURLsAt:point |
| 2066 givesIndex:&index | 2066 givesIndex:&index |
| 2067 disposition:&disposition]; | 2067 disposition:&disposition]; |
| 2068 | 2068 |
| 2069 // Security: Block JavaScript to prevent self-xss | |
|
Avi (use Gerrit)
2016/09/16 18:31:09
Comments are full sentences; end them with a full-
elawrence
2016/09/16 19:02:16
Done.
| |
| 2070 if (url->SchemeIs(url::kJavaScriptScheme)) { | |
| 2071 return; | |
| 2072 } | |
| 2073 | |
|
Avi (use Gerrit)
2016/09/16 18:31:09
Why not put this right at the beginning of the fun
elawrence
2016/09/16 19:02:16
Makes sense.
| |
| 2069 // Either insert a new tab or open in a current tab. | 2074 // Either insert a new tab or open in a current tab. |
| 2070 switch (disposition) { | 2075 switch (disposition) { |
| 2071 case WindowOpenDisposition::NEW_FOREGROUND_TAB: { | 2076 case WindowOpenDisposition::NEW_FOREGROUND_TAB: { |
| 2072 content::RecordAction(UserMetricsAction("Tab_DropURLBetweenTabs")); | 2077 content::RecordAction(UserMetricsAction("Tab_DropURLBetweenTabs")); |
| 2073 chrome::NavigateParams params(browser_, *url, | 2078 chrome::NavigateParams params(browser_, *url, |
| 2074 ui::PAGE_TRANSITION_TYPED); | 2079 ui::PAGE_TRANSITION_TYPED); |
| 2075 params.disposition = disposition; | 2080 params.disposition = disposition; |
| 2076 params.tabstrip_index = index; | 2081 params.tabstrip_index = index; |
| 2077 params.tabstrip_add_types = | 2082 params.tabstrip_add_types = |
| 2078 TabStripModel::ADD_ACTIVE | TabStripModel::ADD_FORCE_INDEX; | 2083 TabStripModel::ADD_ACTIVE | TabStripModel::ADD_FORCE_INDEX; |
| (...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2333 for (int i = 0; i < tabStripModel_->count(); i++) { | 2338 for (int i = 0; i < tabStripModel_->count(); i++) { |
| 2334 [self updateIconsForContents:tabStripModel_->GetWebContentsAt(i) atIndex:i]; | 2339 [self updateIconsForContents:tabStripModel_->GetWebContentsAt(i) atIndex:i]; |
| 2335 } | 2340 } |
| 2336 } | 2341 } |
| 2337 | 2342 |
| 2338 - (void)setVisualEffectsDisabledForFullscreen:(BOOL)fullscreen { | 2343 - (void)setVisualEffectsDisabledForFullscreen:(BOOL)fullscreen { |
| 2339 [tabStripView_ setVisualEffectsDisabledForFullscreen:fullscreen]; | 2344 [tabStripView_ setVisualEffectsDisabledForFullscreen:fullscreen]; |
| 2340 } | 2345 } |
| 2341 | 2346 |
| 2342 @end | 2347 @end |
| OLD | NEW |
