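--- a/chrome/browser/ui/cocoa/toolbar/toolbar_controller.mm
+++ b/chrome/browser/ui/cocoa/toolbar/toolbar_controller.mm
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #import "chrome/browser/ui/cocoa/toolbar/toolbar_controller.h"
 
 #include <algorithm>
 
 #include "base/mac/bundle_locations.h"
 #include "base/mac/foundation_util.h"
@@ -1143,53 +1143,60 @@
 }
 
 // TODO(viettrungluu): dropping multiple URLs?
 if ([urls count] > 1)
 NOTIMPLEMENTED();
 
 // Get the first URL and fix it up.
 GURL url(url_formatter::FixupURL(
 base::SysNSStringToUTF8([urls objectAtIndex:0]), std::string()));
 
+// Security: Sanitize text to prevent self-XSS.
 if (url.SchemeIs(url::kJavaScriptScheme)) {
 browser_->window()->GetLocationBar()->GetOmniboxView()->SetUserText(
 OmniboxView::StripJavascriptSchemas(base::UTF8ToUTF16(url.spec())));
+return;
 }
+
 OpenURLParams params(url, Referrer(), WindowOpenDisposition::CURRENT_TAB,
 ui::PAGE_TRANSITION_TYPED, false);
 browser_->tab_strip_model()->GetActiveWebContents()->OpenURL(params);
 }
 
 // (URLDropTargetController protocol)
 - (void)dropText:(NSString*)text inView:(NSView*)view at:(NSPoint)point {
 // TODO(viettrungluu): This code is more or less copied from the code in
 // |TabStripController|. I'll refactor this soon to make it common and expand
 // its capabilities (e.g., allow text DnD).
 
 // If the input is plain text, classify the input and make the URL.
 AutocompleteMatch match;
 AutocompleteClassifierFactory::GetForProfile(browser_->profile())->Classify(
 base::SysNSStringToUTF16(text), false, false,
 metrics::OmniboxEventProto::BLANK, &match, NULL);
 GURL url(match.destination_url);
 
+// Security: Block JavaScript to prevent self-XSS.
+if (url.SchemeIs(url::kJavaScriptScheme))
+return;
+
 OpenURLParams params(url, Referrer(), WindowOpenDisposition::CURRENT_TAB,
 ui::PAGE_TRANSITION_TYPED, false);
 browser_->tab_strip_model()->GetActiveWebContents()->OpenURL(params);
 }
 
 // (URLDropTargetController protocol)
 - (void)indicateDropURLsInView:(NSView*)view at:(NSPoint)point {
 // Do nothing.
 }
 
 // (URLDropTargetController protocol)
 - (void)hideDropURLsIndicatorInView:(NSView*)view {
 // Do nothing.
 }
 
 // (URLDropTargetController protocol)
 - (BOOL)isUnsupportedDropData:(id<NSDraggingInfo>)info {
 return drag_util::IsUnsupportedDropData(profile_, info);
 }
 
 @end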
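Review bot: The two new javascript: guards treat the same self-XSS vector inconsistently: the dropURLs branch (new lines 1153-1157) puts the scheme-stripped text into the omnibox via `SetUserText(OmniboxView::StripJavascriptSchemas(...))`, whereas dropText (new lines 1178-1180) silently discards the drop with a bare `return;`, so the user gets no feedback and there are now two diverging code paths for one policy. Unless swallowing text drops is intentional (in which case a comment should say so), mirror the URL path: `browser_->window()->GetLocationBar()->GetOmniboxView()->SetUserText(` / `OmniboxView::StripJavascriptSchemas(base::UTF8ToUTF16(url.spec())));` before the `return;`. The comment `// Security: Sanitize text to prevent self-XSS.` also overstates what happens — nothing is sanitized, the dropped javascript: URL is simply never navigated and is shown with the scheme stripped — so `// Security: never navigate to a dropped javascript: URL (self-XSS); show it scheme-stripped in the omnibox instead.` would be more accurate. Note the dropText guard depends on the AutocompleteClassifier mapping such text to a javascript: destination_url; if it classified the text as a search instead the guard would not fire but the resulting navigation would be harmless, which seems acceptable but is worth confirming. dropURLs' signature lies above the visible section.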