[webkit-reviews] review granted: [Bug 178422] Don't expose raw HTML in pasteboard to the web content : [Attachment 324100] Fixed the test

bugzilla-daemon at webkit.org
Wed Oct 18 19:27:54 PDT 2017


Wenson Hsieh <wenson_hsieh at apple.com> has granted Ryosuke Niwa
<rniwa at webkit.org>'s request for review:
Bug 178422: Don't expose raw HTML in pasteboard to the web content
https://bugs.webkit.org/show_bug.cgi?id=178422

Attachment 324100: Fixed the test

https://bugs.webkit.org/attachment.cgi?id=324100&action=review




--- Comment #15 from Wenson Hsieh <wenson_hsieh at apple.com> ---
Comment on attachment 324100
  --> https://bugs.webkit.org/attachment.cgi?id=324100
Fixed the test

View in context: https://bugs.webkit.org/attachment.cgi?id=324100&action=review

> Source/WebCore/editing/WebContentReader.cpp:44
>      return frame.document() &&
frame.document()->originIdentifierForPasteboard() != contentOrigin;
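
Review bot: in the quoted return statement, a null frame.document() makes the whole expression false, which is the same result as an origin identifier that equals contentOrigin. If this value decides whether pasted markup is treated as coming from another origin, handle the null case explicitly (an early return with the intended value, or an assertion that the document exists) so that a missing document does not silently take the matching-origin path.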

I'm not sure checking frame.document() is needed here, since we just assume
document exists (*frame.document()) afterwards in both branches.

> Source/WebCore/platform/ios/PlatformPasteboardIOS.mm:288
> +    [representationsToRegister
addData:customData.createSharedBuffer()->createNSData().get()
forType:@(PasteboardCustomData::cocoaType())];

Just to make sure — it looks like we don't need to worry about also adding this
to teamData here because we only need to know the origin for markup
sanitization on drop?

> Source/WebCore/platform/mac/PasteboardWriter.mm:121
> +	   [pasteboardItem
setData:customData.createSharedBuffer()->createNSData().get()
forType:toUTIUnlessAlreadyUTI(String(PasteboardCustomData::cocoaType())).get()]
;

Do we need to go through toUTIUnlessAlreadyUTI() here? We already know
PasteboardCustomData::cocoaType() is a custom type (not one of the declared
CoreServices UTIs).

> LayoutTests/http/tests/misc/copy-resolves-urls.html:45
> +   
results.appendChild(document.createTextNode(pasteHere.innerHTML.replace(/blob\:
http\:\/\/localhost\:8080\/[a-z0-9\-]+/, 'blob:://localhost:8080/...')));
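
Review bot: the regular expression passed to replace() has no g flag, so only the first blob URL in pasteHere.innerHTML is normalized. If the pasted markup can contain more than one blob URL, the remaining random identifiers end up in the test output; add the g flag. The backslashes before ':' and before the trailing '-' in the character class are not needed either.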

Nit - extra : after the blob: here.

>
LayoutTests/http/tests/security/clipboard/drag-drop-html-cross-origin-iframe-in
-same-origin.html:24
> +setTimeout(finishJSTest, 3000);
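
Review bot: setTimeout(finishJSTest, 3000) ties the end of the test to a fixed three-second timer rather than to the event under test, so the outcome depends on the drag and drop completing within that window. If the call is meant to stay, call finishJSTest from the handler that observes the result and keep a timer only as a failure fallback.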

I'm guessing this was just for debugging?

