[Webkit-unassigned] [Bug 47773] New: WebKit allows Netscape plugins using CoreAnimation drawing to use Carbon event model

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Oct 16 08:31:09 PDT 2010 

https://bugs.webkit.org/show_bug.cgi?id=47773

           Summary: WebKit allows Netscape plugins using CoreAnimation
                    drawing to use Carbon event model
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Plug-ins
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: seiryu at comcast.net


Created an attachment (id=70956)
 --> (https://bugs.webkit.org/attachment.cgi?id=70956&action=review)
Patch for WebNetscapePluginView that destroys Carbon/CoreAnimation combo

Summary:
According to the documentation for the CoreAnimation drawing model, taken from <https://wiki.mozilla.org/NPAPI:CoreAnimationDrawingModel>:

"The Core Animation drawing model only works together with the Cocoa Event Model. If the plug-in tries to use the Carbon Event model with the Core Animation drawing model, the browser will destroy the plug-in after it has been instantiated."

However, WebKit fails to do this and allows the CoreAnimation drawing model to work with the Carbon Event Model. Other browsers, such as Chrome, handle this situation correctly and shut down the plugin.


Steps to reproduce:
1. Using Git, clone the Weppy plugin, available at the URL <git://github.com/nickzman/weppy.git>. This is the plugin I was working on when I discovered the problem.
2. Download and install yasm from <http://www.tortall.net/projects/yasm/> if you don't already have it installed.
3. Download and install libvpx from <http://code.google.com/p/webm/downloads>.
4. Open the Weppy project in Xcode 3.2 or later.
5. In Weppy main.m, comment out lines 151-155, which are the part of the code in NPP_New() that activates the Cocoa event model.
6. Build the "Weppy (Netscape)" target with the "i386" architecture and "Debug" configuration.
7. Move the resulting "Weppy.plugin" bundle to your ~/Library/Internet Plug-Ins" folder.
8. Open Safari.
9. Navigate to the following URL, which contains an object that runs the plugin: <http://seiryu.home.comcast.net/weppy.html>


Expected results:
Nothing is expected to happen, because the plugin turns on the CoreAnimation drawing model and uses the Carbon event model (since it is running as 32-bit), which according to the specification is supposed to be an invalid combination.


Actual results:
WebKit runs the plugin anyway.

I've attached a patch to WebNetscapePluginView.mm that fixes the problem by destroying plugins that ask for this combination. I doubt it will cause regressions, since other browsers that support CoreAnimation, such as Chrome, never allowed this in the first place...

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list