chrome/browser/ui/cocoa/applescript/tab_applescript.mm - Issue 2477633003: [Mac] Add a feature flag to disable Javascript execution in Applescript

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/ui/cocoa/applescript/tab_applescript.mm

Issue 2477633003: [Mac] Add a feature flag to disable Javascript execution in Applescript (Closed)

Patch Set: nit Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/ui/cocoa/applescript/tab_applescript.mm

diff --git a/chrome/browser/ui/cocoa/applescript/tab_applescript.mm b/chrome/browser/ui/cocoa/applescript/tab_applescript.mm

index 4552193c735a82cdb1e332c09676f99214d244dd..ebd35211044e3303bb55f31f05d1bc7b5ba7c44d 100644

--- a/chrome/browser/ui/cocoa/applescript/tab_applescript.mm

+++ b/chrome/browser/ui/cocoa/applescript/tab_applescript.mm

@@ -14,6 +14,7 @@

#include "chrome/browser/ui/cocoa/applescript/apple_event_util.h"

#include "chrome/browser/ui/cocoa/applescript/error_applescript.h"

#include "chrome/browser/ui/cocoa/applescript/metrics_applescript.h"

+#include "chrome/common/chrome_features.h"

#include "chrome/common/chrome_isolated_world_ids.h"

#include "chrome/common/url_constants.h"

#include "components/sessions/core/session_id.h"

@@ -126,6 +127,13 @@ void ResumeAppleEventAndSendReply(NSAppleEventManagerSuspensionID suspension_id,

}

- (void)setURL:(NSString*)aURL {

+ GURL url(base::SysNSStringToUTF8(aURL));

+ if (!base::FeatureList::IsEnabled(features::kAppleScriptExecuteJavaScript) &&

+ url.SchemeIs(url::kJavaScriptScheme)) {

+ AppleScript::SetError(AppleScript::errJavaScriptUnsupported);

+ return;

+ }

// If a scripter sets a URL before the node is added save it at a temporary

// location.

if (!webContents_) {

@@ -133,7 +141,6 @@ void ResumeAppleEventAndSendReply(NSAppleEventManagerSuspensionID suspension_id,

return;

}

- GURL url(base::SysNSStringToUTF8(aURL));

// check for valid url.

if (!url.is_empty() && !url.is_valid()) {

AppleScript::SetError(AppleScript::errInvalidURL);

@@ -287,6 +294,11 @@ void ResumeAppleEventAndSendReply(NSAppleEventManagerSuspensionID suspension_id,

}

- (id)handlesExecuteJavascriptScriptCommand:(NSScriptCommand*)command {

+ if (!base::FeatureList::IsEnabled(features::kAppleScriptExecuteJavaScript)) {

+ AppleScript::SetError(AppleScript::errJavaScriptUnsupported);

+ return nil;

+ }

AppleScript::LogAppleScriptUMA(

AppleScript::AppleScriptCommand::TAB_EXECUTE_JAVASCRIPT);

content::RenderFrameHost* frame = webContents_->GetMainFrame();

« no previous file with comments | « chrome/browser/ui/cocoa/applescript/error_applescript.mm ('k') | chrome/common/chrome_features.h » ('j') | no next file with comments »