[Webkit-unassigned] [Bug 36482] Regression(r55766): [Chromium] chromiumDataObject.hasData() reports true for an empty clipboard
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 23 22:11:44 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=36482
--- Comment #5 from Tony Chang (Google) <tony at chromium.org> 2010-03-23 22:11:44 PST ---
(In reply to comment #4)
> So I'm not sure there is a easy way to test this (except adding a spurious copy
> operation somewhere), and adding an interface seemed overkill for such a small
> change.
I guess I'm a bit confused. There are layout tests that test dragging URLs in
a page (e.g., fast/events/drag-in-frames.html). Do they go through this code
path?
> > > +void ChromiumDataObject::setURL(const KURL& newURL)
> > > +{
> > > + ASSERT(newURL.isValid() || newURL.isEmpty());
> >
> > Do we really want to assert here? Can't javascript try to set an invalid URL?
> > We shouldn't assert in that case.
>
> This should not be exposed to JavaScript directly - for JS, sanitizing is done
> in ClipboardChromium::setData().
>
> Conceivably, there may be an invalid URL passed-in on the clipboard from an
> external process, but again I think it'd be better if we sanitized this before
> accepting it. Hence the ASSERT.
>
> However, I don't feel strongly about this and could be convinced that we want
> to accept invalid URLs in the clipboard data, and remove the ASSERT.
I agree that we should sanitize the data. Isn't that what the if statement
after the assert does? It seems like we shouldn't crash in debug because the
user dragged the recycling bin onto chrome.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list