corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1561056 - Pass CSP on Link-drop r=ckerschb,Gijs,farre

Browse Source 
***
Fix linux build

Differential Revision: https://phabricator.services.mozilla.com/D37563
This commit is contained in:
Sebastian Streich
2019-08-20 12:43:02 +00:00
parent dd76fcf70c
commit 007a1ec087
23 changed files with 152 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
browser/base/content/tabbrowser-tabs.js
View File

@@ -746,7 +746,7 @@
let replace = !!targetTab;
let newIndex = this._getDropIndex(event, true);
let urls = links.map(link => link.url);
let csp = browserDragAndDrop.getCSP(event);
let triggeringPrincipal = browserDragAndDrop.getTriggeringPrincipal(
event
);
@@ -774,6 +774,7 @@
newIndex,
userContextId,
triggeringPrincipal,
csp,
});
})();
}

4
dom/base/ContentAreaDropListener.jsm
View File

@@ -219,6 +219,10 @@ ContentAreaDropListener.prototype = {
getCSP: function(aEvent) {
let sourceNode = aEvent.dataTransfer.mozSourceNode;
if (aEvent.dataTransfer.mozCSP !== null) {
return aEvent.dataTransfer.mozCSP;
}
if (
sourceNode &&
(sourceNode.localName !== "browser" ||

15
dom/base/nsContentAreaDragDrop.cpp
View File

@@ -65,7 +65,7 @@ class MOZ_STACK_CLASS DragDataProducer {
nsIContent* aSelectionTargetNode, bool aIsAltKeyPressed);
nsresult Produce(DataTransfer* aDataTransfer, bool* aCanDrag,
Selection** aSelection, nsIContent** aDragNode,
nsIPrincipal** aPrincipal);
nsIPrincipal** aPrincipal, nsIContentSecurityPolicy** aCsp);
private:
void AddString(DataTransfer* aDataTransfer, const nsAString& aFlavor,
@@ -110,7 +110,8 @@ nsresult nsContentAreaDragDrop::GetDragData(
nsPIDOMWindowOuter* aWindow, nsIContent* aTarget,
nsIContent* aSelectionTargetNode, bool aIsAltKeyPressed,
DataTransfer* aDataTransfer, bool* aCanDrag, Selection** aSelection,
nsIContent** aDragNode, nsIPrincipal** aPrincipal) {
nsIContent** aDragNode, nsIPrincipal** aPrincipal,
nsIContentSecurityPolicy** aCsp) {
NS_ENSURE_TRUE(aSelectionTargetNode, NS_ERROR_INVALID_ARG);
*aCanDrag = true;
@@ -118,7 +119,7 @@ nsresult nsContentAreaDragDrop::GetDragData(
DragDataProducer provider(aWindow, aTarget, aSelectionTargetNode,
aIsAltKeyPressed);
return provider.Produce(aDataTransfer, aCanDrag, aSelection, aDragNode,
aPrincipal);
aPrincipal, aCsp);
}
NS_IMPL_ISUPPORTS(nsContentAreaDragDropDataProvider, nsIFlavorDataProvider)
@@ -491,7 +492,8 @@ nsresult DragDataProducer::GetImageData(imgIContainer* aImage,
nsresult DragDataProducer::Produce(DataTransfer* aDataTransfer, bool* aCanDrag,
Selection** aSelection,
nsIContent** aDragNode,
nsIPrincipal** aPrincipal) {
nsIPrincipal** aPrincipal,
nsIContentSecurityPolicy** aCsp) {
MOZ_ASSERT(aCanDrag && aSelection && aDataTransfer && aDragNode,
"null pointer passed to Produce");
NS_ASSERTION(mWindow, "window not set");
@@ -720,6 +722,11 @@ nsresult DragDataProducer::Produce(DataTransfer* aDataTransfer, bool* aCanDrag,
nsCOMPtr<Document> doc = mWindow->GetDoc();
NS_ENSURE_TRUE(doc, NS_ERROR_FAILURE);
nsCOMPtr<nsIContentSecurityPolicy> csp = doc->GetCsp();
if (csp) {
NS_IF_ADDREF(*aCsp = csp);
}
// if we have selected text, use it in preference to the node
nsCOMPtr<nsITransferable> transferable;
if (*aSelection) {

7
dom/base/nsContentAreaDragDrop.h
View File

@@ -11,6 +11,7 @@
#include "nsIDOMEventListener.h"
#include "nsITransferable.h"
#include "nsIContentSecurityPolicy.h"
class nsPIDOMWindowOuter;
class nsITransferable;
@@ -48,6 +49,8 @@ class nsContentAreaDragDrop {
* drag occurred on another element.
* aPrincipal - [out] set to the triggering principal of the drag, or null if
* it's from browser chrome or OS
* aCSP - [out] set to the CSP of the Drag, or null if
* it's from browser chrome or OS
*/
static nsresult GetDragData(nsPIDOMWindowOuter* aWindow, nsIContent* aTarget,
nsIContent* aSelectionTargetNode,
@@ -55,8 +58,8 @@ class nsContentAreaDragDrop {
mozilla::dom::DataTransfer* aDataTransfer,
bool* aCanDrag,
mozilla::dom::Selection** aSelection,
nsIContent** aDragNode,
nsIPrincipal** aPrincipal);
nsIContent** aDragNode, nsIPrincipal** aPrincipal,
nsIContentSecurityPolicy** aCsp);
};
// this is used to save images to disk lazily when the image data is asked for

10
dom/events/DataTransfer.cpp
View File

@@ -318,6 +318,16 @@ void DataTransfer::GetMozTriggeringPrincipalURISpec(
CopyUTF8toUTF16(spec, aPrincipalURISpec);
}
nsIContentSecurityPolicy* DataTransfer::GetMozCSP() {
nsCOMPtr<nsIDragSession> dragSession = nsContentUtils::GetDragSession();
if (!dragSession) {
return nullptr;
}
nsCOMPtr<nsIContentSecurityPolicy> csp;
dragSession->GetCsp(getter_AddRefs(csp));
return csp;
}
already_AddRefed<FileList> DataTransfer::GetFiles(
nsIPrincipal& aSubjectPrincipal) {
return mItems->Files(&aSubjectPrincipal);

2
dom/events/DataTransfer.h
View File

@@ -274,6 +274,8 @@ class DataTransfer final : public nsISupports, public nsWrapperCache {
void GetMozTriggeringPrincipalURISpec(nsAString& aPrincipalURISpec);
nsIContentSecurityPolicy* GetMozCSP();
mozilla::dom::Element* GetDragTarget() const { return mDragTarget; }
nsresult GetDataAtNoSecurityCheck(const nsAString& aFormat, uint32_t aIndex,

34
dom/events/EventStateManager.cpp
View File

@@ -1290,10 +1290,13 @@ void EventStateManager::DispatchCrossProcessEvent(WidgetEvent* aEvent,
uint32_t dropEffect = nsIDragService::DRAGDROP_ACTION_NONE;
uint32_t action = nsIDragService::DRAGDROP_ACTION_NONE;
nsCOMPtr<nsIPrincipal> principal;
nsCOMPtr<nsIContentSecurityPolicy> csp;
if (dragSession) {
dragSession->DragEventDispatchedToChildProcess();
dragSession->GetDragAction(&action);
dragSession->GetTriggeringPrincipal(getter_AddRefs(principal));
dragSession->GetCsp(getter_AddRefs(csp));
RefPtr<DataTransfer> initialDataTransfer =
dragSession->GetDataTransfer();
if (initialDataTransfer) {
@@ -1302,7 +1305,8 @@ void EventStateManager::DispatchCrossProcessEvent(WidgetEvent* aEvent,
}
browserParent->SendRealDragEvent(*aEvent->AsDragEvent(), action,
dropEffect, IPC::Principal(principal));
dropEffect, IPC::Principal(principal),
csp);
return;
}
case ePluginEventClass: {
@@ -1794,6 +1798,7 @@ void EventStateManager::GenerateDragGesture(nsPresContext* aPresContext,
RefPtr<RemoteDragStartData> remoteDragStartData;
nsCOMPtr<nsIContent> eventContent, targetContent;
nsCOMPtr<nsIPrincipal> principal;
nsCOMPtr<nsIContentSecurityPolicy> csp;
mCurrentTarget->GetContentForEvent(aEvent, getter_AddRefs(eventContent));
if (eventContent) {
// If the content is a text node in a password field, we shouldn't
@@ -1817,7 +1822,7 @@ void EventStateManager::GenerateDragGesture(nsPresContext* aPresContext,
DetermineDragTargetAndDefaultData(
window, eventContent, dataTransfer, getter_AddRefs(selection),
getter_AddRefs(remoteDragStartData), getter_AddRefs(targetContent),
getter_AddRefs(principal));
getter_AddRefs(principal), getter_AddRefs(csp));
}
// Stop tracking the drag gesture now. This should stop us from
@@ -1872,7 +1877,8 @@ void EventStateManager::GenerateDragGesture(nsPresContext* aPresContext,
nsCOMPtr<nsIObserverService> observerService =
mozilla::services::GetObserverService();
// Emit observer event to allow addons to modify the DataTransfer object.
// Emit observer event to allow addons to modify the DataTransfer
// object.
if (observerService) {
observerService->NotifyObservers(dataTransfer,
"on-datatransfer-available", nullptr);
@@ -1881,7 +1887,7 @@ void EventStateManager::GenerateDragGesture(nsPresContext* aPresContext,
if (status != nsEventStatus_eConsumeNoDefault) {
bool dragStarted =
DoDefaultDragStart(aPresContext, event, dataTransfer, targetContent,
selection, remoteDragStartData, principal);
selection, remoteDragStartData, principal, csp);
if (dragStarted) {
sActiveESM = nullptr;
MaybeFirePointerCancel(aEvent);
@@ -1903,7 +1909,7 @@ void EventStateManager::DetermineDragTargetAndDefaultData(
nsPIDOMWindowOuter* aWindow, nsIContent* aSelectionTarget,
DataTransfer* aDataTransfer, Selection** aSelection,
RemoteDragStartData** aRemoteDragStartData, nsIContent** aTargetNode,
nsIPrincipal** aPrincipal) {
nsIPrincipal** aPrincipal, nsIContentSecurityPolicy** aCsp) {
*aTargetNode = nullptr;
nsCOMPtr<nsIContent> dragDataNode;
@@ -1918,7 +1924,8 @@ void EventStateManager::DetermineDragTargetAndDefaultData(
if (mGestureDownDragStartData) {
// A child process started a drag so use any data it assigned for the dnd
// session.
mGestureDownDragStartData->AddInitialDnDDataTo(aDataTransfer, aPrincipal);
mGestureDownDragStartData->AddInitialDnDDataTo(aDataTransfer, aPrincipal,
aCsp);
mGestureDownDragStartData.forget(aRemoteDragStartData);
}
} else {
@@ -1934,7 +1941,7 @@ void EventStateManager::DetermineDragTargetAndDefaultData(
bool wasAlt = (mGestureModifiers & MODIFIER_ALT) != 0;
nsresult rv = nsContentAreaDragDrop::GetDragData(
aWindow, mGestureDownContent, aSelectionTarget, wasAlt, aDataTransfer,
&canDrag, aSelection, getter_AddRefs(dragDataNode), aPrincipal);
&canDrag, aSelection, getter_AddRefs(dragDataNode), aPrincipal, aCsp);
if (NS_FAILED(rv) || !canDrag) {
return;
}
@@ -1996,7 +2003,8 @@ void EventStateManager::DetermineDragTargetAndDefaultData(
bool EventStateManager::DoDefaultDragStart(
nsPresContext* aPresContext, WidgetDragEvent* aDragEvent,
DataTransfer* aDataTransfer, nsIContent* aDragTarget, Selection* aSelection,
RemoteDragStartData* aDragStartData, nsIPrincipal* aPrincipal) {
RemoteDragStartData* aDragStartData, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp) {
nsCOMPtr<nsIDragService> dragService =
do_GetService("@mozilla.org/widget/dragservice;1");
if (!dragService) return false;
@@ -2069,16 +2077,16 @@ bool EventStateManager::DoDefaultDragStart(
// other than a selection is being dragged.
if (!dragImage && aSelection) {
dragService->InvokeDragSessionWithSelection(
aSelection, aPrincipal, transArray, action, event, dataTransfer);
aSelection, aPrincipal, aCsp, transArray, action, event, dataTransfer);
} else if (aDragStartData) {
MOZ_ASSERT(XRE_IsParentProcess());
dragService->InvokeDragSessionWithRemoteImage(
dragTarget, aPrincipal, transArray, action, aDragStartData, event,
dragTarget, aPrincipal, aCsp, transArray, action, aDragStartData, event,
dataTransfer);
} else {
dragService->InvokeDragSessionWithImage(dragTarget, aPrincipal, transArray,
action, dragImage, imageX, imageY,
event, dataTransfer);
dragService->InvokeDragSessionWithImage(
dragTarget, aPrincipal, aCsp, transArray, action, dragImage, imageX,
imageY, event, dataTransfer);
}
return true;

5
dom/events/EventStateManager.h
View File

@@ -1082,7 +1082,7 @@ class EventStateManager : public nsSupportsWeakReference, public nsIObserver {
nsPIDOMWindowOuter* aWindow, nsIContent* aSelectionTarget,
dom::DataTransfer* aDataTransfer, dom::Selection** aSelection,
dom::RemoteDragStartData** aRemoteDragStartData, nsIContent** aTargetNode,
nsIPrincipal** aPrincipal);
nsIPrincipal** aPrincipal, nsIContentSecurityPolicy** aCsp);
/*
* Perform the default handling for the dragstart event and set up a
@@ -1103,7 +1103,8 @@ class EventStateManager : public nsSupportsWeakReference, public nsIObserver {
dom::DataTransfer* aDataTransfer,
nsIContent* aDragTarget, dom::Selection* aSelection,
dom::RemoteDragStartData* aDragStartData,
nsIPrincipal* aPrincipal);
nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp);
bool IsTrackingDragGesture() const { return mGestureDownContent != nullptr; }
/**

10
dom/events/RemoteDragStartData.cpp
View File

@@ -19,15 +19,19 @@ RemoteDragStartData::~RemoteDragStartData() {}
RemoteDragStartData::RemoteDragStartData(
BrowserParent* aBrowserParent, nsTArray<IPCDataTransfer>&& aDataTransfer,
const LayoutDeviceIntRect& aRect, nsIPrincipal* aPrincipal)
const LayoutDeviceIntRect& aRect, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp)
: mBrowserParent(aBrowserParent),
mDataTransfer(aDataTransfer),
mRect(aRect),
mPrincipal(aPrincipal) {}
mPrincipal(aPrincipal),
mCsp(aCsp) {}
void RemoteDragStartData::AddInitialDnDDataTo(DataTransfer* aDataTransfer,
nsIPrincipal** aPrincipal) {
nsIPrincipal** aPrincipal,
nsIContentSecurityPolicy** aCsp) {
NS_IF_ADDREF(*aPrincipal = mPrincipal);
NS_IF_ADDREF(*aCsp = mCsp);
for (uint32_t i = 0; i < mDataTransfer.Length(); ++i) {
nsTArray<IPCDataTransferItem>& itemArray = mDataTransfer[i].items();

6
dom/events/RemoteDragStartData.h
View File

@@ -27,7 +27,7 @@ class RemoteDragStartData {
RemoteDragStartData(BrowserParent* aBrowserParent,
nsTArray<IPCDataTransfer>&& aDataTransfer,
const LayoutDeviceIntRect& aRect,
nsIPrincipal* aPrincipal);
nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp);
void SetVisualization(
already_AddRefed<gfx::DataSourceSurface> aVisualization) {
@@ -43,7 +43,8 @@ class RemoteDragStartData {
}
void AddInitialDnDDataTo(DataTransfer* aDataTransfer,
nsIPrincipal** aPrincipal);
nsIPrincipal** aPrincipal,
nsIContentSecurityPolicy** aCsp);
private:
virtual ~RemoteDragStartData();
@@ -52,6 +53,7 @@ class RemoteDragStartData {
nsTArray<IPCDataTransfer> mDataTransfer;
const LayoutDeviceIntRect mRect;
nsCOMPtr<nsIPrincipal> mPrincipal;
nsCOMPtr<nsIContentSecurityPolicy> mCsp;
RefPtr<mozilla::gfx::SourceSurface> mVisualization;
};

4
dom/ipc/BrowserChild.cpp
View File

@@ -1862,7 +1862,8 @@ mozilla::ipc::IPCResult BrowserChild::RecvNormalPriorityRealTouchMoveEvent(
mozilla::ipc::IPCResult BrowserChild::RecvRealDragEvent(
const WidgetDragEvent& aEvent, const uint32_t& aDragAction,
const uint32_t& aDropEffect, nsIPrincipal* aPrincipal) {
const uint32_t& aDropEffect, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp) {
WidgetDragEvent localEvent(aEvent);
localEvent.mWidget = mPuppetWidget;
@@ -1870,6 +1871,7 @@ mozilla::ipc::IPCResult BrowserChild::RecvRealDragEvent(
if (dragSession) {
dragSession->SetDragAction(aDragAction);
dragSession->SetTriggeringPrincipal(aPrincipal);
dragSession->SetCsp(aCsp);
RefPtr<DataTransfer> initialDataTransfer = dragSession->GetDataTransfer();
if (initialDataTransfer) {
initialDataTransfer->SetDropEffectInt(aDropEffect);

3
dom/ipc/BrowserChild.h
View File

@@ -324,7 +324,8 @@ class BrowserChild final : public nsMessageManagerScriptExecutor,
mozilla::ipc::IPCResult RecvRealDragEvent(const WidgetDragEvent& aEvent,
const uint32_t& aDragAction,
const uint32_t& aDropEffect,
nsIPrincipal* aPrincipal);
nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp);
mozilla::ipc::IPCResult RecvRealKeyEvent(
const mozilla::WidgetKeyboardEvent& aEvent);

9
dom/ipc/BrowserParent.cpp
View File

@@ -1453,7 +1453,8 @@ bool BrowserParent::QueryDropLinksForVerification() {
void BrowserParent::SendRealDragEvent(WidgetDragEvent& aEvent,
uint32_t aDragAction,
uint32_t aDropEffect,
nsIPrincipal* aPrincipal) {
nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp) {
if (mIsDestroyed || !mIsReadyToHandleInputEvents) {
return;
}
@@ -1465,7 +1466,7 @@ void BrowserParent::SendRealDragEvent(WidgetDragEvent& aEvent,
}
}
DebugOnly<bool> ret = PBrowserParent::SendRealDragEvent(
aEvent, aDragAction, aDropEffect, aPrincipal);
aEvent, aDragAction, aDropEffect, aPrincipal, aCsp);
NS_WARNING_ASSERTION(ret, "PBrowserParent::SendRealDragEvent() failed");
MOZ_ASSERT(!ret || aEvent.HasBeenPostedToRemoteProcess());
}
@@ -3636,7 +3637,7 @@ mozilla::ipc::IPCResult BrowserParent::RecvInvokeDragSession(
nsTArray<IPCDataTransfer>&& aTransfers, const uint32_t& aAction,
Maybe<Shmem>&& aVisualDnDData, const uint32_t& aStride,
const gfx::SurfaceFormat& aFormat, const LayoutDeviceIntRect& aDragRect,
nsIPrincipal* aPrincipal) {
nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp) {
PresShell* presShell = mFrameElement->OwnerDoc()->GetPresShell();
if (!presShell) {
Unused << Manager()->SendEndDragSession(true, true, LayoutDeviceIntPoint(),
@@ -3648,7 +3649,7 @@ mozilla::ipc::IPCResult BrowserParent::RecvInvokeDragSession(
}
RefPtr<RemoteDragStartData> dragStartData = new RemoteDragStartData(
this, std::move(aTransfers), aDragRect, aPrincipal);
this, std::move(aTransfers), aDragRect, aPrincipal, aCsp);
if (!aVisualDnDData.isNothing() && aVisualDnDData.ref().IsReadable() &&
aVisualDnDData.ref().Size<char>() >= aDragRect.height * aStride) {

5
dom/ipc/BrowserParent.h
View File

@@ -577,7 +577,8 @@ class BrowserParent final : public PBrowserParent,
void SendRealMouseEvent(WidgetMouseEvent& aEvent);
void SendRealDragEvent(WidgetDragEvent& aEvent, uint32_t aDragAction,
uint32_t aDropEffect, nsIPrincipal* aPrincipal);
uint32_t aDropEffect, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp);
void SendMouseWheelEvent(WidgetWheelEvent& aEvent);
@@ -687,7 +688,7 @@ class BrowserParent final : public PBrowserParent,
nsTArray<IPCDataTransfer>&& aTransfers, const uint32_t& aAction,
Maybe<Shmem>&& aVisualDnDData, const uint32_t& aStride,
const gfx::SurfaceFormat& aFormat, const LayoutDeviceIntRect& aDragRect,
nsIPrincipal* aPrincipal);
nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp);
void AddInitialDnDDataTo(DataTransfer* aDataTransfer,
nsIPrincipal** aPrincipal);

5
dom/ipc/PBrowser.ipdl
View File

@@ -665,7 +665,7 @@ parent:
Shmem? visualData,
uint32_t stride, SurfaceFormat format,
LayoutDeviceIntRect dragRect,
nsIPrincipal principal);
nsIPrincipal principal, nsIContentSecurityPolicy csp);
// After a compositor reset, it is necessary to reconnect each layers ID to
// the compositor of the widget that will render those layers. Note that
@@ -824,7 +824,8 @@ child:
* don't need support RealDragEvent with input priority.
*/
async RealDragEvent(WidgetDragEvent aEvent, uint32_t aDragAction,
uint32_t aDropEffect, nsIPrincipal aPrincipal);
uint32_t aDropEffect, nsIPrincipal aPrincipal,
nsIContentSecurityPolicy csp);
async PluginEvent(WidgetPluginEvent aEvent);

4
dom/webidl/DataTransfer.webidl
View File

@@ -6,6 +6,7 @@
* The origin of this IDL file is:
* http://www.whatwg.org/specs/web-apps/current-work/#the-datatransfer-interface
*/
interface ContentSecurityPolicy;
[Constructor]
interface DataTransfer {
@@ -164,6 +165,9 @@ partial interface DataTransfer {
[ChromeOnly]
readonly attribute DOMString mozTriggeringPrincipalURISpec;
[ChromeOnly]
readonly attribute ContentSecurityPolicy? mozCSP;
/**
* Copy the given DataTransfer for the given event. Used by testing code for
* creating emulated Drag and Drop events in the UI.

6
widget/gtk/nsDragService.cpp
View File

@@ -289,8 +289,8 @@ static GtkWindow* GetGtkWindow(dom::Document* aDocument) {
NS_IMETHODIMP
nsDragService::InvokeDragSession(
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIArray* aArrayTransferables,
uint32_t aActionType,
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp,
nsIArray* aArrayTransferables, uint32_t aActionType,
nsContentPolicyType aContentPolicyType = nsIContentPolicy::TYPE_OTHER) {
MOZ_LOG(sDragLm, LogLevel::Debug, ("nsDragService::InvokeDragSession"));
@@ -300,7 +300,7 @@ nsDragService::InvokeDragSession(
// know whether or not the drag succeeded.
if (mSourceNode) return NS_ERROR_NOT_AVAILABLE;
return nsBaseDragService::InvokeDragSession(aDOMNode, aPrincipal,
return nsBaseDragService::InvokeDragSession(aDOMNode, aPrincipal, aCsp,
aArrayTransferables, aActionType,
aContentPolicyType);
}

8
widget/gtk/nsDragService.h
View File

@@ -63,10 +63,10 @@ class nsDragService final : public nsBaseDragService, public nsIObserver {
const mozilla::Maybe<mozilla::CSSIntRegion>& aRegion,
uint32_t aActionType) override;
// nsIDragService
MOZ_CAN_RUN_SCRIPT NS_IMETHOD
InvokeDragSession(nsINode* aDOMNode, nsIPrincipal* aPrincipal,
nsIArray* anArrayTransferables, uint32_t aActionType,
nsContentPolicyType aContentPolicyType) override;
MOZ_CAN_RUN_SCRIPT NS_IMETHOD InvokeDragSession(
nsINode* aDOMNode, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp, nsIArray* anArrayTransferables,
uint32_t aActionType, nsContentPolicyType aContentPolicyType) override;
NS_IMETHOD StartDragSession() override;
MOZ_CAN_RUN_SCRIPT NS_IMETHOD EndDragSession(bool aDoneDrag,
uint32_t aKeyModifiers) override;

54
widget/nsBaseDragService.cpp
View File

@@ -162,6 +162,18 @@ nsBaseDragService::SetTriggeringPrincipal(nsIPrincipal* aPrincipal) {
return NS_OK;
}
NS_IMETHODIMP
nsBaseDragService::GetCsp(nsIContentSecurityPolicy** aCsp) {
NS_IF_ADDREF(*aCsp = mCsp);
return NS_OK;
}
NS_IMETHODIMP
nsBaseDragService::SetCsp(nsIContentSecurityPolicy* aCsp) {
mCsp = aCsp;
return NS_OK;
}
//-------------------------------------------------------------------------
NS_IMETHODIMP
@@ -200,8 +212,8 @@ void nsBaseDragService::SetDataTransfer(DataTransfer* aDataTransfer) {
//-------------------------------------------------------------------------
NS_IMETHODIMP
nsBaseDragService::InvokeDragSession(
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIArray* aTransferableArray,
uint32_t aActionType,
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp,
nsIArray* aTransferableArray, uint32_t aActionType,
nsContentPolicyType aContentPolicyType = nsIContentPolicy::TYPE_OTHER) {
AUTO_PROFILER_LABEL("nsBaseDragService::InvokeDragSession", OTHER);
@@ -228,6 +240,7 @@ nsBaseDragService::InvokeDragSession(
// stash the document of the dom node
mSourceDocument = aDOMNode->OwnerDoc();
mTriggeringPrincipal = aPrincipal;
mCsp = aCsp;
mSourceNode = aDOMNode;
mContentPolicyType = aContentPolicyType;
mEndDragPoint = LayoutDeviceIntPoint(0, 0);
@@ -263,9 +276,10 @@ nsBaseDragService::InvokeDragSession(
NS_IMETHODIMP
nsBaseDragService::InvokeDragSessionWithImage(
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIArray* aTransferableArray,
uint32_t aActionType, nsINode* aImage, int32_t aImageX, int32_t aImageY,
DragEvent* aDragEvent, DataTransfer* aDataTransfer) {
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp,
nsIArray* aTransferableArray, uint32_t aActionType, nsINode* aImage,
int32_t aImageX, int32_t aImageY, DragEvent* aDragEvent,
DataTransfer* aDataTransfer) {
NS_ENSURE_TRUE(aDragEvent, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(aDataTransfer, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(mSuppressLevel == 0, NS_ERROR_FAILURE);
@@ -302,17 +316,18 @@ nsBaseDragService::InvokeDragSessionWithImage(
#endif
nsresult rv =
InvokeDragSession(aDOMNode, aPrincipal, aTransferableArray, aActionType,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
InvokeDragSession(aDOMNode, aPrincipal, aCsp, aTransferableArray,
aActionType, nsIContentPolicy::TYPE_INTERNAL_IMAGE);
mRegion = Nothing();
return rv;
}
NS_IMETHODIMP
nsBaseDragService::InvokeDragSessionWithRemoteImage(
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIArray* aTransferableArray,
uint32_t aActionType, RemoteDragStartData* aDragStartData,
DragEvent* aDragEvent, DataTransfer* aDataTransfer) {
nsINode* aDOMNode, nsIPrincipal* aPrincipal, nsIContentSecurityPolicy* aCsp,
nsIArray* aTransferableArray, uint32_t aActionType,
RemoteDragStartData* aDragStartData, DragEvent* aDragEvent,
DataTransfer* aDataTransfer) {
NS_ENSURE_TRUE(aDragEvent, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(aDataTransfer, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(mSuppressLevel == 0, NS_ERROR_FAILURE);
@@ -330,19 +345,17 @@ nsBaseDragService::InvokeDragSessionWithRemoteImage(
mInputSource = aDragEvent->MozInputSource();
nsresult rv =
InvokeDragSession(aDOMNode, aPrincipal, aTransferableArray, aActionType,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
InvokeDragSession(aDOMNode, aPrincipal, aCsp, aTransferableArray,
aActionType, nsIContentPolicy::TYPE_INTERNAL_IMAGE);
mRegion = Nothing();
return rv;
}
NS_IMETHODIMP
nsBaseDragService::InvokeDragSessionWithSelection(Selection* aSelection,
nsIPrincipal* aPrincipal,
nsIArray* aTransferableArray,
uint32_t aActionType,
DragEvent* aDragEvent,
DataTransfer* aDataTransfer) {
nsBaseDragService::InvokeDragSessionWithSelection(
Selection* aSelection, nsIPrincipal* aPrincipal,
nsIContentSecurityPolicy* aCsp, nsIArray* aTransferableArray,
uint32_t aActionType, DragEvent* aDragEvent, DataTransfer* aDataTransfer) {
NS_ENSURE_TRUE(aSelection, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(aDragEvent, NS_ERROR_NULL_POINTER);
NS_ENSURE_TRUE(mSuppressLevel == 0, NS_ERROR_FAILURE);
@@ -365,8 +378,8 @@ nsBaseDragService::InvokeDragSessionWithSelection(Selection* aSelection,
// endpoints of the selection
nsCOMPtr<nsINode> node = aSelection->GetFocusNode();
return InvokeDragSession(node, aPrincipal, aTransferableArray, aActionType,
nsIContentPolicy::TYPE_OTHER);
return InvokeDragSession(node, aPrincipal, aCsp, aTransferableArray,
aActionType, nsIContentPolicy::TYPE_OTHER);
}
//-------------------------------------------------------------------------
@@ -462,6 +475,7 @@ nsBaseDragService::EndDragSession(bool aDoneDrag, uint32_t aKeyModifiers) {
mSourceDocument = nullptr;
mSourceNode = nullptr;
mTriggeringPrincipal = nullptr;
mCsp = nullptr;
mSelection = nullptr;
mDataTransfer = nullptr;
mHasImage = false;

1
widget/nsBaseDragService.h
View File

@@ -161,6 +161,7 @@ class nsBaseDragService : public nsIDragService, public nsIDragSession {
nsCOMPtr<nsINode> mSourceNode;
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
nsCOMPtr<nsIContentSecurityPolicy> mCsp;
// the document at the drag source. will be null if it came from outside the
// app.

9
widget/nsDragServiceProxy.cpp
View File

@@ -41,6 +41,11 @@ nsresult nsDragServiceProxy::InvokeDragSessionImpl(
principal = mSourceNode->NodePrincipal();
}
nsCOMPtr<nsIContentSecurityPolicy> csp;
if (mSourceDocument) {
csp = mSourceDocument->GetCsp();
}
LayoutDeviceIntRect dragRect;
if (mHasImage || mSelection) {
nsPresContext* pc;
@@ -68,7 +73,7 @@ nsresult nsDragServiceProxy::InvokeDragSessionImpl(
mozilla::Unused << child->SendInvokeDragSession(
dataTransfers, aActionType, Some(std::move(surfaceData)), stride,
dataSurface->GetFormat(), dragRect, IPC::Principal(principal));
dataSurface->GetFormat(), dragRect, IPC::Principal(principal), csp);
StartDragSession();
return NS_OK;
}
@@ -77,7 +82,7 @@ nsresult nsDragServiceProxy::InvokeDragSessionImpl(
mozilla::Unused << child->SendInvokeDragSession(
dataTransfers, aActionType, Nothing(), 0, static_cast<SurfaceFormat>(0),
dragRect, IPC::Principal(principal));
dragRect, IPC::Principal(principal), csp);
StartDragSession();
return NS_OK;
}

5
widget/nsIDragService.idl
View File

@@ -46,6 +46,7 @@ interface nsIDragService : nsISupports
*
* @param aPrincipal - the triggering principal of the drag, or null if
* it's from browser chrome or OS
* @param aCsp - The csp of the triggering Document
* @param aTransferables - an array of transferables to be dragged
* @param aActionType - specified which of copy/move/link are allowed
* @param aContentPolicyType - the contentPolicyType that will be
@@ -55,6 +56,7 @@ interface nsIDragService : nsISupports
[can_run_script]
void invokeDragSession (in Node aDOMNode,
in nsIPrincipal aPrincipal,
in nsIContentSecurityPolicy aCsp,
in nsIArray aTransferables,
in unsigned long aActionType,
[optional] in nsContentPolicyType aContentPolicyType);
@@ -89,6 +91,7 @@ interface nsIDragService : nsISupports
[noscript, can_run_script]
void invokeDragSessionWithImage(in Node aDOMNode,
in nsIPrincipal aPrincipal,
in nsIContentSecurityPolicy aCsp,
in nsIArray aTransferableArray,
in unsigned long aActionType,
in Node aImage,
@@ -103,6 +106,7 @@ interface nsIDragService : nsISupports
[noscript, can_run_script]
void invokeDragSessionWithRemoteImage(in Node aDOMNode,
in nsIPrincipal aPrincipal,
in nsIContentSecurityPolicy aCsp,
in nsIArray aTransferableArray,
in unsigned long aActionType,
in RemoteDragStartDataPtr aDragStartData,
@@ -119,6 +123,7 @@ interface nsIDragService : nsISupports
[can_run_script]
void invokeDragSessionWithSelection(in Selection aSelection,
in nsIPrincipal aPrincipal,
in nsIContentSecurityPolicy aCsp,
in nsIArray aTransferableArray,
in unsigned long aActionType,
in DragEvent aDragEvent,

9
widget/nsIDragSession.idl
View File

@@ -8,9 +8,11 @@
#include "nsITransferable.idl"
%{ C++
#include "nsSize.h"
%}
interface nsIContentSecurityPolicy;
native nsSize (nsSize);
@@ -62,6 +64,13 @@ interface nsIDragSession : nsISupports
*/
attribute nsIPrincipal triggeringPrincipal;
/**
* the triggering csp. This may be different than sourceNode's
* csp when sourceNode is xul:browser and the drag is
* triggered in a browsing context inside it.
*/
attribute nsIContentSecurityPolicy csp;
/**
* The data transfer object for the current drag.
*/