Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(422)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2448833003: Sandbox should prevent 'execCommand("print", ...)'. (Closed)

Created:
4 years, 1 month ago by Mike West
Modified:
4 years, 1 month ago
CC:
blink-reviews, chromium-reviews
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Sandbox should prevent 'execCommand("print", ...)'. Unless 'allow-modals' is present, 'sandbox' should prevent modal dialogs, including the print dialog popped up from 'execCommand("print", ...)'. The existing code doesn't handle this case; this patch moves the sandbox check up to 'ChromeClient::print()', which handles both 'print()' and 'execCommand("print", ...'. BUG=658985 R=jochen@chromium.org Committed: https://crrev.com/6a616686e564d5cac7d25b61070b5031a818df8d Cr-Commit-Position: refs/heads/master@{#427664}

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+20 lines, -13 lines) Patch
M third_party/WebKit/LayoutTests/http/tests/security/sandbox-iframe-blocks-modals.php View 1 chunk +5 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/editing/commands/EditorCommand.cpp View 1 chunk +1 line, -2 lines 0 comments Download
M third_party/WebKit/Source/core/frame/LocalDOMWindow.cpp View 1 chunk +0 lines, -9 lines 0 comments Download
M third_party/WebKit/Source/core/page/ChromeClient.h View 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/Source/core/page/ChromeClient.cpp View 2 chunks +13 lines, -1 line 0 comments Download

Messages

Total messages: 11 (6 generated)
Mike West
WDYT, Jochen?
4 years, 1 month ago (2016-10-25 09:43:53 UTC) #3
jochen (gone - plz use gerrit)
lgtm
4 years, 1 month ago (2016-10-26 08:22:42 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2448833003/1
4 years, 1 month ago (2016-10-26 08:24:57 UTC) #8
commit-bot: I haz the power
Committed patchset #1 (id:1)
4 years, 1 month ago (2016-10-26 10:48:16 UTC) #9
commit-bot: I haz the power
4 years, 1 month ago (2016-10-26 10:50:02 UTC) #11
Message was sent while issue was closed. 
Patchset 1 (id:??) landed as
https://crrev.com/6a616686e564d5cac7d25b61070b5031a818df8d
Cr-Commit-Position: refs/heads/master@{#427664}

Powered by Google App Engine
This is Rietveld 408576698