corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 684618 - Deny requests for full-screen in documents containing windowed plugins. Exit full-screen when windowed plugin added document. r=roc

Browse Source
This commit is contained in:
Chris Pearce
2011-10-27 15:57:09 +13:00
parent 95c5ee636d
commit 24ba319202
8 changed files with 287 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
content/base/public/nsContentUtils.h
View File

@@ -1716,6 +1716,22 @@ public:
*/ */
static bool IsFullScreenKeyInputRestricted(); static bool IsFullScreenKeyInputRestricted();
/**
* Returns true if the doctree rooted at aDoc contains any plugins which
* we don't control event dispatch for, i.e. do any plugins in this doc tree
* receive key events outside of our control? This always returns false
* on MacOSX.
*/
static bool HasPluginWithUncontrolledEventDispatch(nsIDocument* aDoc);
/**
* Returns true if the content is in a document and contains a plugin
* which we don't control event dispatch for, i.e. do any plugins in this
* doc tree receive key events outside of our control? This always returns
* false on MacOSX.
*/
static bool HasPluginWithUncontrolledEventDispatch(nsIContent* aContent);
/** /**
* Returns the time limit on handling user input before * Returns the time limit on handling user input before
* nsEventStateManager::IsHandlingUserInput() stops returning true. * nsEventStateManager::IsHandlingUserInput() stops returning true.

67
content/base/src/nsContentUtils.cpp
View File

@@ -203,8 +203,7 @@ static NS_DEFINE_CID(kXTFServiceCID, NS_XTFSERVICE_CID);
#include "nsDOMTouchEvent.h" #include "nsDOMTouchEvent.h"
#include "nsIScriptElement.h" #include "nsIScriptElement.h"
#include "nsIContentViewer.h" #include "nsIContentViewer.h"
#include "nsIObjectLoadingContent.h"
#include "prdtoa.h"
#include "mozilla/Preferences.h" #include "mozilla/Preferences.h"
@@ -5815,6 +5814,70 @@ nsContentUtils::IsFullScreenKeyInputRestricted()
return sFullScreenKeyInputRestricted; return sFullScreenKeyInputRestricted;
} }
static void
CheckForWindowedPlugins(nsIContent* aContent, void* aResult)
{
if (!aContent->IsInDoc()) {
return;
}
nsCOMPtr<nsIObjectLoadingContent> olc(do_QueryInterface(aContent));
if (!olc) {
return;
}
nsRefPtr<nsNPAPIPluginInstance> plugin;
olc->GetPluginInstance(getter_AddRefs(plugin));
if (!plugin) {
return;
}
bool isWindowless = false;
nsresult res = plugin->IsWindowless(&isWindowless);
if (NS_SUCCEEDED(res) && !isWindowless) {
*static_cast<bool*>(aResult) = true;
}
}
static bool
DocTreeContainsWindowedPlugins(nsIDocument* aDoc, void* aResult)
{
if (!nsContentUtils::IsChromeDoc(aDoc)) {
aDoc->EnumerateFreezableElements(CheckForWindowedPlugins, aResult);
}
if (*static_cast<bool*>(aResult)) {
// Return false to stop iteration, we found a windowed plugin.
return false;
}
aDoc->EnumerateSubDocuments(DocTreeContainsWindowedPlugins, aResult);
// Return false to stop iteration if we found a windowed plugin in
// the sub documents.
return !*static_cast<bool*>(aResult);
}
/* static */
bool
nsContentUtils::HasPluginWithUncontrolledEventDispatch(nsIDocument* aDoc)
{
#ifdef XP_MACOSX
// We control dispatch to all mac plugins.
return false;
#endif
bool result = false;
DocTreeContainsWindowedPlugins(aDoc, &result);
return result;
}
/* static */
bool
nsContentUtils::HasPluginWithUncontrolledEventDispatch(nsIContent* aContent)
{
#ifdef XP_MACOSX
// We control dispatch to all mac plugins.
return false;
#endif
bool result = false;
CheckForWindowedPlugins(aContent, &result);
return result;
}
// static // static
void void
nsContentUtils::ReleaseWrapper(nsISupports* aScriptObjectHolder, nsContentUtils::ReleaseWrapper(nsISupports* aScriptObjectHolder,

6
content/base/src/nsDocument.cpp
View File

@@ -8578,13 +8578,11 @@ nsDocument::GetMozFullScreenEnabled(bool *aFullScreen)
NS_ENSURE_ARG_POINTER(aFullScreen); NS_ENSURE_ARG_POINTER(aFullScreen);
*aFullScreen = false; *aFullScreen = false;
if (!nsContentUtils::IsFullScreenApiEnabled()) { if (!nsContentUtils::IsFullScreenApiEnabled() ||
nsContentUtils::HasPluginWithUncontrolledEventDispatch(this)) {
return NS_OK; return NS_OK;
} }
// todo: Bug 684618 - Deny requests for DOM full-screen when windowed
// plugins are present.
// Ensure that all ancestor <iframe> elements have the mozallowfullscreen // Ensure that all ancestor <iframe> elements have the mozallowfullscreen
// boolean attribute set. // boolean attribute set.
nsINode* node = static_cast<nsINode*>(this); nsINode* node = static_cast<nsINode*>(this);

11
content/html/content/src/nsHTMLSharedObjectElement.cpp
View File

@@ -282,6 +282,17 @@ nsHTMLSharedObjectElement::BindToTree(nsIDocument *aDocument,
nsContentUtils::AddScriptRunner(NS_NewRunnableMethod(this, start)); nsContentUtils::AddScriptRunner(NS_NewRunnableMethod(this, start));
} }
#ifndef XP_MACOSX
if (aDocument &&
aDocument->IsFullScreenDoc() &&
nsContentUtils::HasPluginWithUncontrolledEventDispatch(this)) {
// This content contains a windowed plugin for which we don't control
// event dispatch, and we're in full-screen mode. Exit full-screen mode
// to prevent phishing attacks.
NS_DispatchToCurrentThread(
NS_NewRunnableMethod(aDocument, &nsIDocument::CancelFullScreen));
}
#endif
return NS_OK; return NS_OK;
} }

1
content/html/content/test/Makefile.in
View File

@@ -281,6 +281,7 @@ _TEST_FILES = \
file_fullscreen-api.html \ file_fullscreen-api.html \
file_fullscreen-api-keys.html \ file_fullscreen-api-keys.html \
test_fullscreen-api.html \ test_fullscreen-api.html \
file_fullscreen-plugins.html \
test_li_attributes_reflection.html \ test_li_attributes_reflection.html \
test_ol_attributes_reflection.html \ test_ol_attributes_reflection.html \
test_bug651956.html \ test_bug651956.html \

180
content/html/content/test/file_fullscreen-plugins.html Normal file
View File

@@ -0,0 +1,180 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=545812
Test plugins with DOM full-screen API:
* Presence of plugins has no effect on request for full-screen on MacOS.
* Request for full-screen is denied when windowed plugin in current doc is present.
* Request for full-screen is denied when windowed plugin in subdocument is present.
* Request for full-screen is not denied when the only plugin present is windowless.
* Adding an existing (out-of-doc) windowed plugin to a full-screen document causes document to exit full-screen.
* Create windowed plugin and adding it to full-screen document caused exit from full-screen.
-->
<head>
<title>Test for Bug 545812</title>
<script type="application/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
<style>
body:-moz-full-screen, div:-moz-full-screen {
background-color: red;
}
</style>
</head>
<body onload="scheduleTest();">
<!-- Windowed plugin, should prevent first full-screen request. -->
<embed id="windowed-plugin" type="application/x-test" style="width:200px;height:100px;" wmode="window"></embed>
<!-- Windowless plugin, should not prevent full-screen requests. -->
<embed type="application/x-test" style="width:200px;height:100px;"></embed>
<!-- iframe contents:
<html><body><embed id='windowed-plugin' type='application/x-test' style='width:200px;height:100px;' wmode='window'></embed></body></html>
-->
<iframe id="subdoc-plugin" src="data:text/html;charset=utf-8,<html><body><embed id%3D'windowed-plugin' type%3D'application%2Fx-test' style%3D'width%3A200px%3Bheight%3A100px%3B' wmode%3D'window'><%2Fembed><%2Fbody><%2Fhtml>%0D%0A"></iframe>
<script type="application/javascript">
/** Test for Bug 545812 **/
function ok(condition, msg) {
opener.ok(condition, msg);
}
function is(a, b, msg) {
opener.is(a, b, msg);
}
const isMacOs = navigator.appVersion.indexOf("Macintosh") != -1;
document.addEventListener("mozfullscreenchange", isMacOs ? macFullScreenChange : fullScreenChange, false);
var windowedPlugin = null;
function scheduleTest() {
// Delay test startup long enough for the windowed plugin in the subframe to
// start up and create its window.
opener.SimpleTest.executeSoon(function() {
opener.SimpleTest.executeSoon(function() {
startTest();
})
});
}
function startTest() {
ok(!document.mozFullScreen, "Should not be in full-screen mode initially");
document.body.mozRequestFullScreen();
if (isMacOs) {
// Running on MacOS, all plugins are effectively windowless, request for full-screen should be granted.
// Continue test in the (mac-specific) "mozfullscreenchange" handler.
return;
}
ok(!document.mozFullScreen, "Request for full-screen from a document containing windowed plugin should be denied.");
// Remove plugin in this document. Should still be a windowed plugin in sub-document.
windowedPlugin = document.getElementById("windowed-plugin");
windowedPlugin.parentNode.removeChild(windowedPlugin);
document.body.mozRequestFullScreen();
ok(!document.mozFullScreen, "Request for full-screen from a document with subdocument containing windowed plugin should be denied.");
// Remove subdoc which contains windowed plugin, request full-screen, request should be granted.
// Continue test in "mozfullscreenchange" handler.
var f = document.getElementById("subdoc-plugin");
f.parentNode.removeChild(f);
document.body.mozRequestFullScreen();
}
var fullScreenChangeCount = 0;
function createWindowedPlugin() {
var p = document.createElement("embed");
p.setAttribute("type", "application/x-test");
p.setAttribute("wmode", "window");
return p;
}
function macFullScreenChange(event) {
switch (fullScreenChangeCount) {
case 0: {
ok(document.mozFullScreen, "Requests for full-screen on pages with plugins should be granted on MacOS");
// Create a new windowed plugin, and add that to the document. Should *not* exit full-screen mode on MacOS.
windowedPlugin = createWindowedPlugin();
document.body.appendChild(windowedPlugin);
setTimeout(
function() {
ok(document.mozFullScreen, "Adding windowed plugin to document should not cause full-screen to exit on MacOS.");
document.mozCancelFullScreen();
}, 0);
break;
}
case 1: {
ok(!document.mozFullScreen, "Should have left full-screen mode after calling document.mozCancelFullScreen().");
opener.pluginTestFinished();
break;
}
default: {
ok(false, "Should not receive any more fullscreenchange events!");
}
}
fullScreenChangeCount++;
}
function fullScreenChange(event) {
switch (fullScreenChangeCount) {
case 0: {
ok(document.mozFullScreen, "Request for full-screen with document containing windowless plugin should be granted");
// Add windowed plugin to document, should cause full-screen mode to exit.
document.body.appendChild(windowedPlugin);
break;
}
case 1: {
ok(!document.mozFullScreen, "Should have left full-screen mode after re-adding windowed plugin to document");
windowedPlugin.parentNode.removeChild(windowedPlugin);
document.body.mozRequestFullScreen();
break;
}
case 2: {
ok(document.mozFullScreen, "Should have reentered full-screen mode");
// Create a new windowed plugin, and add that to the document. Should exit full-screen mode.
windowedPlugin = createWindowedPlugin();
document.body.appendChild(windowedPlugin);
break;
}
case 3: {
ok(!document.mozFullScreen, "Should have left full-screen mode after adding windowed plugin created after going full-screen to document");
windowedPlugin.parentNode.removeChild(windowedPlugin);
windowedPlugin = createWindowedPlugin();
document.body.mozRequestFullScreen();
break;
}
case 4: {
ok(document.mozFullScreen, "Should have (again) reentered full-screen mode");
document.body.appendChild(windowedPlugin);
break;
}
case 5: {
ok(!document.mozFullScreen, "Should have left full-screen mode after adding windowed plugin created before going full-screen to document");
opener.pluginTestFinished();
break;
}
default: {
ok(false, "Should not receive any more fullscreenchange events!");
}
}
fullScreenChangeCount++;
}
</script>
</pre>
</body>
</html>

5
content/html/content/test/test_fullscreen-api.html
View File

@@ -86,6 +86,11 @@ function apiTestFinished() {
} }
function keysTestFinished() { function keysTestFinished() {
testWindow.close();
testWindow = window.open("file_fullscreen-plugins.html", "", "width=500,height=500");
}
function pluginTestFinished() {
testWindow.close(); testWindow.close();
SpecialPowers.setBoolPref("full-screen-api.enabled", prevEnabled); SpecialPowers.setBoolPref("full-screen-api.enabled", prevEnabled);
SpecialPowers.setBoolPref("full-screen-api.allow-trusted-requests-only", prevTrusted); SpecialPowers.setBoolPref("full-screen-api.allow-trusted-requests-only", prevTrusted);

8
dom/plugins/base/nsPluginInstanceOwner.cpp
View File

@@ -3277,7 +3277,13 @@ NS_IMETHODIMP nsPluginInstanceOwner::CreateWidget(void)
if (!mWidget) { if (!mWidget) {
bool windowless = false; bool windowless = false;
mInstance->IsWindowless(&windowless); mInstance->IsWindowless(&windowless);
nsIDocument *doc = mContent ? mContent->OwnerDoc() : nsnull;
#ifndef XP_MACOSX
if (!windowless && doc && doc->IsFullScreenDoc()) {
NS_DispatchToCurrentThread(
NS_NewRunnableMethod(doc, &nsIDocument::CancelFullScreen));
}
#endif
// always create widgets in Twips, not pixels // always create widgets in Twips, not pixels
nsPresContext* context = mObjectFrame->PresContext(); nsPresContext* context = mObjectFrame->PresContext();
rv = mObjectFrame->CreateWidget(context->DevPixelsToAppUnits(mPluginWindow->width), rv = mObjectFrame->CreateWidget(context->DevPixelsToAppUnits(mPluginWindow->width),