[webkit-reviews] review granted: [Bug 178422] Don't expose raw HTML in pasteboard to the web content : [Attachment 324100] Fixed the test
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 18 19:27:54 PDT 2017
Wenson Hsieh <wenson_hsieh at apple.com> has granted Ryosuke Niwa
<rniwa at webkit.org>'s request for review:
Bug 178422: Don't expose raw HTML in pasteboard to the web content
https://bugs.webkit.org/show_bug.cgi?id=178422
Attachment 324100: Fixed the test
https://bugs.webkit.org/attachment.cgi?id=324100&action=review
--- Comment #15 from Wenson Hsieh <wenson_hsieh at apple.com> ---
Comment on attachment 324100
--> https://bugs.webkit.org/attachment.cgi?id=324100
Fixed the test
View in context: https://bugs.webkit.org/attachment.cgi?id=324100&action=review
> Source/WebCore/editing/WebContentReader.cpp:44
> return frame.document() &&
frame.document()->originIdentifierForPasteboard() != contentOrigin;
I'm not sure checking frame.document() is needed here, since we just assume
document exists (*frame.document()) afterwards in both branches.
> Source/WebCore/platform/ios/PlatformPasteboardIOS.mm:288
> + [representationsToRegister
addData:customData.createSharedBuffer()->createNSData().get()
forType:@(PasteboardCustomData::cocoaType())];
Just to make sure — it looks like we don't need to worry about also adding this
to teamData here because we only need to know the origin for markup
sanitization on drop?
> Source/WebCore/platform/mac/PasteboardWriter.mm:121
> + [pasteboardItem
setData:customData.createSharedBuffer()->createNSData().get()
forType:toUTIUnlessAlreadyUTI(String(PasteboardCustomData::cocoaType())).get()]
;
Do we need to go through toUTIUnlessAlreadyUTI() here? We already know
PasteboardCustomData::cocoaType() is a custom type (not one of the declared
CoreServices UTIs).
> LayoutTests/http/tests/misc/copy-resolves-urls.html:45
> +
results.appendChild(document.createTextNode(pasteHere.innerHTML.replace(/blob\:
http\:\/\/localhost\:8080\/[a-z0-9\-]+/, 'blob:://localhost:8080/...')));
Nit - extra : after the blob: here.
>
LayoutTests/http/tests/security/clipboard/drag-drop-html-cross-origin-iframe-in
-same-origin.html:24
> +setTimeout(finishJSTest, 3000);
I'm guessing this was just for debugging?
More information about the webkit-reviews
mailing list