Commit 43bc42a5 authored by Neil Deakin's avatar Neil Deakin

Bug 775110, allow data from the same domain to be dropped in editor fields, r=ehsan

parent c4c73ac8
+0 −32
@@ -52,8 +52,6 @@
#include "nsIDOMHTMLTableRowElement.h"
#include "nsIDOMNode.h"
#include "nsIDOMRange.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
#include "nsIDocument.h"
#include "nsIEditor.h"
#include "nsIEditorIMESupport.h"
@@ -65,7 +63,6 @@
#include "nsINode.h"
#include "nsIParserUtils.h"
#include "nsIPlaintextEditor.h"
#include "nsIPrincipal.h"
#include "nsISelection.h"
#include "nsISupportsImpl.h"
#include "nsISupportsPrimitives.h"
@@ -1171,35 +1168,6 @@ nsHTMLEditor::ParseCFHTML(nsCString & aCfhtml, PRUnichar **aStuffToPaste, PRUnic
  return NS_OK;
}

bool nsHTMLEditor::IsSafeToInsertData(nsIDOMDocument* aSourceDoc)
{
  // Try to determine whether we should use a sanitizing fragment sink
  bool isSafe = false;

  nsCOMPtr<nsIDocument> destdoc = GetDocument();
  NS_ASSERTION(destdoc, "Where is our destination doc?");
  nsCOMPtr<nsISupports> container = destdoc->GetContainer();
  nsCOMPtr<nsIDocShellTreeItem> dsti = do_QueryInterface(container);
  nsCOMPtr<nsIDocShellTreeItem> root;
  if (dsti)
    dsti->GetRootTreeItem(getter_AddRefs(root));
  nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(root);
  PRUint32 appType;
  if (docShell && NS_SUCCEEDED(docShell->GetAppType(&appType)))
    isSafe = appType == nsIDocShell::APP_TYPE_EDITOR;
  if (!isSafe && aSourceDoc) {
    nsCOMPtr<nsIDocument> srcdoc = do_QueryInterface(aSourceDoc);
    NS_ASSERTION(srcdoc, "Where is our source doc?");

    nsIPrincipal* srcPrincipal = srcdoc->NodePrincipal();
    nsIPrincipal* destPrincipal = destdoc->NodePrincipal();
    NS_ASSERTION(srcPrincipal && destPrincipal, "How come we don't have a principal?");
    srcPrincipal->Subsumes(destPrincipal, &isSafe);
  }

  return isSafe;
}

nsresult nsHTMLEditor::InsertObject(const char* aType, nsISupports* aObject, bool aIsSafe,
                                    nsIDOMDocument *aSourceDoc,
                                    nsIDOMNode *aDestinationNode,
+0 −4
@@ -534,10 +534,6 @@ protected:
  NS_IMETHOD InsertAsPlaintextQuotation(const nsAString & aQuotedText,
                                        bool aAddCites,
                                        nsIDOMNode **aNodeInserted);
  // Return true if the data is safe to insert as the source and destination
  // principals match, or we are in a editor context where this doesn't matter.
  // Otherwise, the data must be sanitized first.
  bool IsSafeToInsertData(nsIDOMDocument* aSourceDoc);

  nsresult InsertObject(const char* aType, nsISupports* aObject, bool aIsSafe,
                        nsIDOMDocument *aSourceDoc,
+46 −10
@@ -28,6 +28,9 @@
#include "nsIDragSession.h"
#include "nsIEditor.h"
#include "nsIEditorIMESupport.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
#include "nsIPrincipal.h"
#include "nsIFormControl.h"
#include "nsIPlaintextEditor.h"
#include "nsISelection.h"
@@ -173,8 +176,20 @@ nsresult nsPlaintextEditor::InsertFromDrop(nsIDOMEvent* aDropEvent)
  nsCOMPtr<nsIDragSession> dragSession = nsContentUtils::GetDragSession();
  NS_ASSERTION(dragSession, "No drag session");

  nsCOMPtr<nsIDOMNode> sourceNode;
  dataTransfer->GetMozSourceNode(getter_AddRefs(sourceNode));

  nsCOMPtr<nsIDOMDocument> srcdomdoc;
  if (sourceNode) {
    sourceNode->GetOwnerDocument(getter_AddRefs(srcdomdoc));
    NS_ENSURE_TRUE(sourceNode, NS_ERROR_FAILURE);
  }

  nsDragEvent* dragEventInternal = static_cast<nsDragEvent *>(aDropEvent->GetInternalNSEvent());
  if (nsContentUtils::CheckForSubFrameDrop(dragSession, dragEventInternal)) {
    // Don't allow drags from subframe documents with different origins than
    // the drop destination.
    if (srcdomdoc && !IsSafeToInsertData(srcdomdoc))
      return NS_OK;
  }

@@ -213,15 +228,6 @@ nsresult nsPlaintextEditor::InsertFromDrop(nsIDOMEvent* aDropEvent)

  bool isCollapsed = selection->Collapsed();

  nsCOMPtr<nsIDOMNode> sourceNode;
  dataTransfer->GetMozSourceNode(getter_AddRefs(sourceNode));

  nsCOMPtr<nsIDOMDocument> srcdomdoc;
  if (sourceNode) {
    sourceNode->GetOwnerDocument(getter_AddRefs(srcdomdoc));
    NS_ENSURE_TRUE(sourceNode, NS_ERROR_FAILURE);
  }

  // Only the nsHTMLEditor::FindUserSelectAllNode returns a node.
  nsCOMPtr<nsIDOMNode> userSelectNode = FindUserSelectAllNode(newSelectionParent);
  if (userSelectNode)
@@ -419,3 +425,33 @@ NS_IMETHODIMP nsPlaintextEditor::CanPasteTransferable(nsITransferable *aTransfer
  
  return NS_OK;
}

bool nsPlaintextEditor::IsSafeToInsertData(nsIDOMDocument* aSourceDoc)
{
  // Try to determine whether we should use a sanitizing fragment sink
  bool isSafe = false;

  nsCOMPtr<nsIDocument> destdoc = GetDocument();
  NS_ASSERTION(destdoc, "Where is our destination doc?");
  nsCOMPtr<nsISupports> container = destdoc->GetContainer();
  nsCOMPtr<nsIDocShellTreeItem> dsti = do_QueryInterface(container);
  nsCOMPtr<nsIDocShellTreeItem> root;
  if (dsti)
    dsti->GetRootTreeItem(getter_AddRefs(root));
  nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(root);
  PRUint32 appType;
  if (docShell && NS_SUCCEEDED(docShell->GetAppType(&appType)))
    isSafe = appType == nsIDocShell::APP_TYPE_EDITOR;
  if (!isSafe && aSourceDoc) {
    nsCOMPtr<nsIDocument> srcdoc = do_QueryInterface(aSourceDoc);
    NS_ASSERTION(srcdoc, "Where is our source doc?");

    nsIPrincipal* srcPrincipal = srcdoc->NodePrincipal();
    nsIPrincipal* destPrincipal = destdoc->NodePrincipal();
    NS_ASSERTION(srcPrincipal && destPrincipal, "How come we don't have a principal?");
    srcPrincipal->Subsumes(destPrincipal, &isSafe);
  }

  return isSafe;
}
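Review bot: In InsertFromDrop, the `NS_ENSURE_TRUE(sourceNode, NS_ERROR_FAILURE);` placed after `GetOwnerDocument` tests a pointer that the enclosing `if (sourceNode)` has already shown to be non-null, so a failed owner-document lookup is never caught; because the new guard is `if (srcdomdoc && !IsSafeToInsertData(srcdomdoc))`, a null `srcdomdoc` skips the origin check and the drop proceeds. Testing the result instead, `NS_ENSURE_TRUE(srcdomdoc, NS_ERROR_FAILURE);`, would make that path fail closed; whether a non-null source node can actually yield a null owner document here is not visible on this page. In IsSafeToInsertData, `destdoc` and `srcdoc` are dereferenced after only an `NS_ASSERTION`, which does not stop release builds, so `NS_ENSURE_TRUE(destdoc, false);` and `NS_ENSURE_TRUE(srcdoc, false);` would be safer in a function that now decides whether a drop is allowed. InsertFromDrop's body starts and ends outside the hunks shown.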
+5 −0
@@ -154,6 +154,11 @@ public:
  nsresult ExtendSelectionForDelete(nsISelection* aSelection,
                                    nsIEditor::EDirection *aAction);

  // Return true if the data is safe to insert as the source and destination
  // principals match, or we are in a editor context where this doesn't matter.
  // Otherwise, the data must be sanitized first.
  bool IsSafeToInsertData(nsIDOMDocument* aSourceDoc);

  static void GetDefaultEditorPrefs(PRInt32 &aNewLineHandling,
                                    PRInt32 &aCaretStyle);