Prevent drag-and-drop events from firing over cross-site, same-page frames. (Mac)

content/browser/web_contents/web_drag_dest_mac.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #import <Cocoa/Cocoa.h>
 
 #include <memory>
 
 #include "base/strings/string16.h"
+#include "content/browser/loader/global_routing_id.h"
 #include "content/common/content_export.h"
 #include "content/public/common/drop_data.h"
 #include "ui/gfx/geometry/point.h"
 
 namespace content {
 class RenderViewHost;
 class RenderWidgetHostImpl;
 class WebContentsImpl;
 class WebDragDestDelegate;
 }
@@ skipping 17 matching lines @@
   // allow the drop.
   NSDragOperation currentOperation_;
 
   // Tracks the current RenderWidgetHost we're dragging over.
   base::WeakPtr<content::RenderWidgetHostImpl> currentRWHForDrag_;
 
   // Keep track of the render view host we're dragging over.  If it changes
   // during a drag, we need to re-send the DragEnter message.
   RenderViewHostIdentifier currentRVH_;
 
+  // Tracks the IDs of the source RenderProcessHost and RenderViewHost from
+  // which the current drag originated. These are set in
+  // -setDragStartTrackersForProcess:, and are used to ensure that drag events
+  // do not fire over a cross-site frame (with respect to the source frame) in
+  // the same page (see crbug.com/666858). See
+  // WebContentsViewAura::drag_start_process_id_ for additional information.
+  int dragStartProcessID_;
+  content::GlobalRoutingID dragStartViewID_;
+
   // The data for the current drag, or NULL if none is in progress.
   std::unique_ptr<content::DropData> dropData_;
 
   // True if the drag has been canceled.
   bool canceled_;
 }
 
 // |contents| is the WebContentsImpl representing this tab, used to communicate
 // drag&drop messages to WebCore and handle navigation on a successful drop
 // (if necessary).
@@ skipping 15 matching lines @@
 - (void)draggingExited:(id<NSDraggingInfo>)info;
 - (NSDragOperation)draggingUpdated:(id<NSDraggingInfo>)info
                               view:(NSView*)view;
 - (BOOL)performDragOperation:(id<NSDraggingInfo>)info view:(NSView*)view;
 
 // Helper to call WebWidgetHostInputEventRouter::GetRenderWidgetHostAtPoint().
 - (content::RenderWidgetHostImpl*)
 GetRenderWidgetHostAtPoint:(const NSPoint&)viewPoint
              transformedPt:(gfx::Point*)transformedPt;
 
+// Sets |dragStartProcessID_| and |dragStartViewID_|.
+- (void)setDragStartTrackersForProcess:(int)processID;
+
+// Returns whether |targetRWH| is a valid RenderWidgetHost to be dragging
+// over. This enforces that same-page, cross-site drags are not allowed. See
+// crbug.com/666858.
+- (bool)isValidDragTarget:(content::RenderWidgetHostImpl*)targetRWH;
+
 @end
 
 // Public use only for unit tests.
 @interface WebDragDest(Testing)
 // Given |data|, which should not be nil, fill it in using the contents of the
 // given pasteboard.
 - (void)populateDropData:(content::DropData*)data
              fromPasteboard:(NSPasteboard*)pboard;
 // Given a point in window coordinates and a view in that window, return a
 // flipped point in the coordinate system of |view|.
 - (NSPoint)flipWindowPointToView:(const NSPoint&)windowPoint
                             view:(NSView*)view;
 // Given a point in window coordinates and a view in that window, return a
 // flipped point in screen coordinates.
 - (NSPoint)flipWindowPointToScreen:(const NSPoint&)windowPoint
                               view:(NSView*)view;
 @end