Disable form elements in MHTML

third_party/WebKit/Source/web/WebFrameSerializer.cpp

Index: third_party/WebKit/Source/web/WebFrameSerializer.cpp
diff --git a/third_party/WebKit/Source/web/WebFrameSerializer.cpp b/third_party/WebKit/Source/web/WebFrameSerializer.cpp
index e5e719e323f6557ce0df120451e1fb8c415d6369..a6765b7ff48d4eef376b11fc66a9114b92ad1e64 100644
--- a/third_party/WebKit/Source/web/WebFrameSerializer.cpp
+++ b/third_party/WebKit/Source/web/WebFrameSerializer.cpp
@@ -85,6 +85,7 @@ class MHTMLFrameSerializerDelegate final : public FrameSerializer::Delegate {
   bool rewriteLink(const Element&, String& rewrittenLink) override;
   bool shouldSkipResourceWithURL(const KURL&) override;
   bool shouldSkipResource(const Resource&) override;
+  Vector<Attribute> getCustomAttributes(const Element&) override;
 
  private:
   WebFrameSerializer::MHTMLPartsGenerationDelegate& m_webDelegate;
@@ -166,6 +167,22 @@ bool MHTMLFrameSerializerDelegate::shouldSkipResource(
          resource.hasCacheControlNoStoreHeader();
 }
 
+Vector<Attribute> MHTMLFrameSerializerDelegate::getCustomAttributes(
+    const Element& element) {
+  Vector<Attribute> attributes;
+
+  // Disable all form elements in MTHML to tell the user that the form cannot be
+  // worked on. MHTML is loaded in full sandboxing mode which disable the form
+  // submission and script execution.
+  if (element.isFormControlElement() &&
+      !element.fastHasAttribute(HTMLNames::disabledAttr)) {
+    Attribute disabledAttribute(HTMLNames::disabledAttr, "");
+    attributes.append(disabledAttribute);
+  }
+
+  return attributes;
+}
+
 bool cacheControlNoStoreHeaderPresent(
     const WebLocalFrameImpl& webLocalFrameImpl) {
   const ResourceResponse& response =