Changeset 139111 in webkit

Timestamp:

Jan 8, 2013 2:11:02 PM (11 years ago)

Author:

tsepez@chromium.org

Message:

Copy-paste preserves <embed> tags containing active content.
​https://bugs.webkit.org/show_bug.cgi?id=77625

Reviewed by Ryosuke Niwa.

Source/WebCore:

Test: editing/pasteboard/paste-noplugin.html

• dom/FragmentScriptingPermission.h:

(WebCore::scriptingContentIsAllowed):
(WebCore::pluginContentIsAllowed):
Add new permission to restrict plugin pasting. Add inline functions to check
the implications of each permission rather than having a list of raw comparisions
sprinkled throughout the code.

• editing/markup.cpp:

(WebCore::createFragmentFromMarkup):
Revert back to unsafe plugin pasting regardless of caller's intentions when
the settings allow it.

• dom/Element.cpp:

(WebCore::Element::parserSetAttributes):

• html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::insertScriptElement):

• xml/parser/XMLDocumentParserLibxml2.cpp:

(WebCore::XMLDocumentParser::endElementNs):

• xml/parser/XMLDocumentParserQt.cpp:

(WebCore::XMLDocumentParser::parseEndElement):
Use new inline functions to check implications of permissions rather than raw
comparisions.

• html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::processStartTagForInBody):
(WebCore::HTMLTreeBuilder::processEndTag):
Check if plugin pasting is allowed before inserting applet/embed/oject elements.

• page/Settings.in:

Declaration of new unsafePluginPastingEnabled setting.

• platform/mac/PasteboardMac.mm:

(WebCore::Pasteboard::documentFragment):

• platform/blackberry/PasteboardBlackBerry.cpp:

(WebCore::Pasteboard::documentFragment):

• platform/chromium/DragDataChromium.cpp:

(WebCore::DragData::asFragment):

• platform/chromium/PasteboardChromium.cpp:

(WebCore::Pasteboard::documentFragment):

• platform/gtk/PasteboardGtk.cpp:

(WebCore::Pasteboard::documentFragment):

• platform/qt/DragDataQt.cpp:

(WebCore::DragData::asFragment):

• platform/qt/PasteboardQt.cpp:

(WebCore::Pasteboard::documentFragment):

• platform/win/ClipboardUtilitiesWin.cpp:

(WebCore::fragmentFromCFHTML):
(WebCore::fragmentFromHTML):

• platform/wx/PasteboardWx.cpp:

(WebCore::Pasteboard::documentFragment):
Pass DisallowScriptingAndPluginContent enum value.

Source/WebKit/chromium:

Adds chromium API to new unsafePluginPastingEnabled setting.

• public/WebSettings.h:
• src/WebSettingsImpl.cpp:

(WebKit::WebSettingsImpl::setUnsafePluginPastingEnabled):
(WebKit):

• src/WebSettingsImpl.h:

(WebSettingsImpl):

LayoutTests:

• editing/pasteboard/paste-noplugin-expected.txt: Added.
• editing/pasteboard/paste-noplugin.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/editing/pasteboard/paste-noplugin-expected.txt (added)
• LayoutTests/editing/pasteboard/paste-noplugin.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/dom/Element.cpp (modified) (1 diff)
• Source/WebCore/dom/FragmentScriptingPermission.h (modified) (2 diffs)
• Source/WebCore/editing/markup.cpp (modified) (2 diffs)
• Source/WebCore/html/parser/HTMLConstructionSite.cpp (modified) (1 diff)
• Source/WebCore/html/parser/HTMLTreeBuilder.cpp (modified) (2 diffs)
• Source/WebCore/page/Settings.in (modified) (1 diff)
• Source/WebCore/platform/blackberry/PasteboardBlackBerry.cpp (modified) (1 diff)
• Source/WebCore/platform/chromium/DragDataChromium.cpp (modified) (2 diffs)
• Source/WebCore/platform/chromium/PasteboardChromium.cpp (modified) (2 diffs)
• Source/WebCore/platform/gtk/PasteboardGtk.cpp (modified) (1 diff)
• Source/WebCore/platform/mac/PasteboardMac.mm (modified) (2 diffs)
• Source/WebCore/platform/qt/DragDataQt.cpp (modified) (1 diff)
• Source/WebCore/platform/qt/PasteboardQt.cpp (modified) (1 diff)
• Source/WebCore/platform/win/ClipboardUtilitiesWin.cpp (modified) (3 diffs)
• Source/WebCore/platform/wx/PasteboardWx.cpp (modified) (1 diff)
• Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp (modified) (1 diff)
• Source/WebCore/xml/parser/XMLDocumentParserQt.cpp (modified) (1 diff)
• Source/WebKit/chromium/ChangeLog (modified) (1 diff)
• Source/WebKit/chromium/public/WebSettings.h (modified) (1 diff)
• Source/WebKit/chromium/src/WebSettingsImpl.cpp (modified) (1 diff)
• Source/WebKit/chromium/src/WebSettingsImpl.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2013-01-08  Tom Sepez  <tsepez@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        * editing/pasteboard/paste-noplugin-expected.txt: Added.
+        * editing/pasteboard/paste-noplugin.html: Added.
+
 2013-01-08  Filip Pizlo  <fpizlo@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-01-08  Tom Sepez  <tsepez@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        Test: editing/pasteboard/paste-noplugin.html
+
+        * dom/FragmentScriptingPermission.h:
+        (WebCore::scriptingContentIsAllowed):
+        (WebCore::pluginContentIsAllowed):
+        Add new permission to restrict plugin pasting.  Add inline functions to check
+        the implications of each permission rather than having a list of raw comparisions
+        sprinkled throughout the code. 
+        
+        * editing/markup.cpp:
+        (WebCore::createFragmentFromMarkup):
+        Revert back to unsafe plugin pasting regardless of caller's intentions when
+        the settings allow it.
+
+        * dom/Element.cpp:
+        (WebCore::Element::parserSetAttributes):
+        * html/parser/HTMLConstructionSite.cpp:
+        (WebCore::HTMLConstructionSite::insertScriptElement):
+        * xml/parser/XMLDocumentParserLibxml2.cpp:
+        (WebCore::XMLDocumentParser::endElementNs):
+        * xml/parser/XMLDocumentParserQt.cpp:
+        (WebCore::XMLDocumentParser::parseEndElement):
+        Use new inline functions to check implications of permissions rather than raw
+        comparisions.
+        
+        * html/parser/HTMLTreeBuilder.cpp:
+        (WebCore::HTMLTreeBuilder::processStartTagForInBody):
+        (WebCore::HTMLTreeBuilder::processEndTag):
+        Check if plugin pasting is allowed before inserting applet/embed/oject elements.
+
+        * page/Settings.in:
+        Declaration of new unsafePluginPastingEnabled setting.
+
+        * platform/mac/PasteboardMac.mm:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/blackberry/PasteboardBlackBerry.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/chromium/DragDataChromium.cpp:
+        (WebCore::DragData::asFragment):
+        * platform/chromium/PasteboardChromium.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/gtk/PasteboardGtk.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/qt/DragDataQt.cpp:
+        (WebCore::DragData::asFragment):
+        * platform/qt/PasteboardQt.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/win/ClipboardUtilitiesWin.cpp:
+        (WebCore::fragmentFromCFHTML):
+        (WebCore::fragmentFromHTML):
+        * platform/wx/PasteboardWx.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        Pass DisallowScriptingAndPluginContent enum value.
+        
 2013-01-08  Alexis Menard  <alexis@webkit.org>
 

trunk/Source/WebCore/dom/Element.cpp

@@ -981 +981 @@
     // If the element is created as result of a paste or drag-n-drop operation
     // we want to remove all the script and event handlers.
-    if (scriptingPermission == DisallowScriptingContent) {
-        unsigned i = 0;
+    if (!scriptingContentIsAllowed(scriptingPermission)) {
+        size_t i = 0;
         while (i < filteredAttributes.size()) {
             Attribute& attribute = filteredAttributes[i];

trunk/Source/WebCore/dom/FragmentScriptingPermission.h

@@ -32 +32 @@
 // generating DocumentFragments for paste in platform/*/Pasteboard.*.
 enum FragmentScriptingPermission {
+    DisallowScriptingAndPluginContentIfNeeded,
     DisallowScriptingContent,
     AllowScriptingContent,
@@ -37 +38 @@
 };
 
-};
+static inline bool scriptingContentIsAllowed(FragmentScriptingPermission scriptingPermission) 
+{
+    return scriptingPermission == AllowScriptingContent || scriptingPermission == AllowScriptingContentAndDoNotMarkAlreadyStarted;
+}
+
+static inline bool pluginContentIsAllowed(FragmentScriptingPermission scriptingPermission)
+{
+    return scriptingPermission != DisallowScriptingAndPluginContentIfNeeded;
+}
+
+} // namespace WebCore
 
 #endif // FragmentScriptingPermission_h

trunk/Source/WebCore/editing/markup.cpp

@@ -55 +55 @@
 #include "Range.h"
 #include "RenderObject.h"
+#include "Settings.h"
 #include "StylePropertySet.h"
 #include "StyleResolver.h"
@@ -664 +665 @@
     RefPtr<HTMLBodyElement> fakeBody = HTMLBodyElement::create(document);
     RefPtr<DocumentFragment> fragment = DocumentFragment::create(document);
+
+    if (scriptingPermission == DisallowScriptingAndPluginContentIfNeeded && (!document->settings() || document->settings()->unsafePluginPastingEnabled()))
+        scriptingPermission = DisallowScriptingContent;
+
     fragment->parseHTML(markup, fakeBody.get(), scriptingPermission);
 

trunk/Source/WebCore/html/parser/HTMLConstructionSite.cpp

@@ -347 +347 @@
     const bool alreadyStarted = m_isParsingFragment && parserInserted;
     RefPtr<HTMLScriptElement> element = HTMLScriptElement::create(scriptTag, ownerDocumentForCurrentNode(), parserInserted, alreadyStarted);
-    if (m_fragmentScriptingPermission != DisallowScriptingContent)
+    if (scriptingContentIsAllowed(m_fragmentScriptingPermission))
         element->parserSetAttributes(token->attributes(), m_fragmentScriptingPermission);
     attachLater(currentNode(), element);

trunk/Source/WebCore/html/parser/HTMLTreeBuilder.cpp

@@ -819 +819 @@
         m_tree.insertFormattingElement(token);
         return;
+    }
+    if (token->name() == appletTag
+        || token->name() == embedTag
+        || token->name() == objectTag) {
+        if (isParsingFragment() && !pluginContentIsAllowed(m_fragmentContext.scriptingPermission()))
+            return;
     }
     if (token->name() == appletTag
@@ -2182 +2188 @@
             m_scriptToProcess = m_tree.currentElement();
             m_tree.openElements()->pop();
-            if (isParsingFragment() && m_fragmentContext.scriptingPermission() == DisallowScriptingContent)
+            if (isParsingFragment() && !scriptingContentIsAllowed(m_fragmentContext.scriptingPermission()))
                 m_scriptToProcess->removeAllChildren();
             setInsertionMode(m_originalInsertionMode);

trunk/Source/WebCore/page/Settings.in

@@ -83 +83 @@
 
 xssAuditorEnabled initial=false
+unsafePluginPastingEnabled initial=true
 acceleratedCompositingFor3DTransformsEnabled initial=true
 acceleratedCompositingForVideoEnabled initial=true

trunk/Source/WebCore/platform/blackberry/PasteboardBlackBerry.cpp

@@ -98 +98 @@
     if (!html.isEmpty()) {
         String url = BlackBerry::Platform::Clipboard::readURL();
-        if (fragment = createFragmentFromMarkup(frame->document(), html, url, DisallowScriptingContent))
+        if (fragment = createFragmentFromMarkup(frame->document(), html, url, DisallowScriptingAndPluginContentIfNeeded))
             return fragment.release();
     }

trunk/Source/WebCore/platform/chromium/DragDataChromium.cpp

@@ -33 +33 @@
 #include "ChromiumDataObject.h"
 #include "ClipboardMimeTypes.h"
+#include "Document.h"
 #include "DocumentFragment.h"
 #include "FileSystem.h"
@@ -154 +155 @@
         KURL baseURL;
         m_platformDragData->htmlAndBaseURL(html, baseURL);
-        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, baseURL, DisallowScriptingContent);
-        return fragment.release();
+        if (RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, baseURL, DisallowScriptingAndPluginContentIfNeeded))
+            return fragment.release();
     }
 

trunk/Source/WebCore/platform/chromium/PasteboardChromium.cpp

@@ -183 +183 @@
 
     if (WebKit::Platform::current()->clipboard()->isFormatAvailable(WebKit::WebClipboard::FormatHTML, buffer)) {
-        WebKit::WebString markup;
         unsigned fragmentStart = 0;
         unsigned fragmentEnd = 0;
         WebKit::WebURL url;
-        markup = WebKit::Platform::current()->clipboard()->readHTML(buffer, &url, &fragmentStart, &fragmentEnd);
+        WebKit::WebString markup = WebKit::Platform::current()->clipboard()->readHTML(buffer, &url, &fragmentStart, &fragmentEnd);
         if (!markup.isEmpty()) {
-          RefPtr<DocumentFragment> fragment =
-              createFragmentFromMarkupWithContext(frame->document(), markup, fragmentStart, fragmentEnd, KURL(url), DisallowScriptingContent);
-          if (fragment)
-              return fragment.release();
+            if (RefPtr<DocumentFragment> fragment = createFragmentFromMarkupWithContext(frame->document(), markup, fragmentStart, fragmentEnd, KURL(url), DisallowScriptingAndPluginContentIfNeeded))
+                return fragment.release();
         }
     }
@@ -200 +197 @@
         if (!markup.isEmpty()) {
             chosePlainText = true;
-
-            RefPtr<DocumentFragment> fragment =
-                createFragmentFromText(context.get(), markup);
-            if (fragment)
+            if (RefPtr<DocumentFragment> fragment = createFragmentFromText(context.get(), markup))
                 return fragment.release();
         }

trunk/Source/WebCore/platform/gtk/PasteboardGtk.cpp

@@ -172 +172 @@
 
     if (dataObject->hasMarkup()) {
-        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), dataObject->markup(), "", DisallowScriptingContent);
+        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), dataObject->markup(), "", DisallowScriptingAndPluginContentIfNeeded);
         if (fragment)
             return fragment.release();

trunk/Source/WebCore/platform/mac/PasteboardMac.mm

@@ -467 +467 @@
                     if (DocumentLoader* loader = frame->loader()->documentLoader())
                         loader->addAllArchiveResources(coreArchive.get());
-                    
-                    fragment = createFragmentFromMarkup(frame->document(), markupString, mainResource->url(), DisallowScriptingContent);
+
+                    fragment = createFragmentFromMarkup(frame->document(), markupString, mainResource->url(), DisallowScriptingAndPluginContentIfNeeded);
                     [markupString release];
                 } else if (MIMETypeRegistry::isSupportedImageMIMEType(MIMEType))
@@ -507 +507 @@
         }
         if ([HTMLString length] != 0 &&
-            (fragment = createFragmentFromMarkup(frame->document(), HTMLString, "", DisallowScriptingContent)))
+            (fragment = createFragmentFromMarkup(frame->document(), HTMLString, "", DisallowScriptingAndPluginContentIfNeeded)))
             return fragment.release();
     }

trunk/Source/WebCore/platform/qt/DragDataQt.cpp

@@ -138 +138 @@
 {
     if (m_platformDragData && m_platformDragData->hasHtml())
-        return createFragmentFromMarkup(frame->document(), m_platformDragData->html(), "", DisallowScriptingContent);
+        return createFragmentFromMarkup(frame->document(), m_platformDragData->html(), "", DisallowScriptingAndPluginContentIfNeeded);
 
     return 0;

trunk/Source/WebCore/platform/qt/PasteboardQt.cpp

@@ -112 +112 @@
         QString html = mimeData->html();
         if (!html.isEmpty()) {
-            RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, "", DisallowScriptingContent);
+            RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, "", DisallowScriptingAndPluginContentIfNeeded);
             if (fragment)
                 return fragment.release();

trunk/Source/WebCore/platform/win/ClipboardUtilitiesWin.cpp

@@ -642 +642 @@
 
     String markup = extractMarkupFromCFHTML(cfhtml);
-    return createFragmentFromMarkup(doc, markup, srcURL, DisallowScriptingContent);
+    return createFragmentFromMarkup(doc, markup, srcURL, DisallowScriptingAndPluginContentIfNeeded);
 }
 
@@ -659 +659 @@
     String srcURL;
     if (!html.isEmpty())
-        return createFragmentFromMarkup(doc, html, srcURL, DisallowScriptingContent);
+        return createFragmentFromMarkup(doc, html, srcURL, DisallowScriptingAndPluginContentIfNeeded);
 
     return 0;
@@ -677 +677 @@
     String srcURL;
     if (getDataMapItem(data, texthtmlFormat(), stringData))
-        return createFragmentFromMarkup(document, stringData, srcURL, DisallowScriptingContent);
+        return createFragmentFromMarkup(document, stringData, srcURL, DisallowScriptingAndPluginContentIfNeeded);
 
     return 0;

trunk/Source/WebCore/platform/wx/PasteboardWx.cpp

@@ -100 +100 @@
             wxTheClipboard->GetData(data);
             chosePlainText = false;
-            fragment = createFragmentFromMarkup(frame->document(), data.GetHTML(), "", DisallowScriptingContent);
+            fragment = createFragmentFromMarkup(frame->document(), data.GetHTML(), "", DisallowScriptingAndPluginContentIfNeeded);
         } else
 #endif

trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp

@@ -853 +853 @@
         setDepthTriggeringEntityExpansion(-1);
 
-    if (m_scriptingPermission == DisallowScriptingContent && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
+    if (!scriptingContentIsAllowed(m_scriptingPermission) && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
         popCurrentNode();
         ExceptionCode ec;

trunk/Source/WebCore/xml/parser/XMLDocumentParserQt.cpp

@@ -507 +507 @@
     n->finishParsingChildren();
 
-    if (m_scriptingPermission == DisallowScriptingContent && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
+    if (!scriptingContentIsAllowed(m_scriptingPermission) && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
         popCurrentNode();
         ExceptionCode ec;

trunk/Source/WebKit/chromium/ChangeLog

@@ +1 @@
+2013-01-08  Tom Sepez  <tsepez@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        Adds chromium API to new unsafePluginPastingEnabled setting.
+
+        * public/WebSettings.h:
+        * src/WebSettingsImpl.cpp:
+        (WebKit::WebSettingsImpl::setUnsafePluginPastingEnabled):
+        (WebKit):
+        * src/WebSettingsImpl.h:
+        (WebSettingsImpl):
+
 2013-01-08  Mark Lam  <mark.lam@apple.com>
 

trunk/Source/WebKit/chromium/public/WebSettings.h

@@ -162 +162 @@
     virtual void setTouchDragDropEnabled(bool) = 0;
     virtual void setUnifiedTextCheckerEnabled(bool) = 0;
+    virtual void setUnsafePluginPastingEnabled(bool) = 0;
     virtual void setUserStyleSheetLocation(const WebURL&) = 0;
     virtual void setUsesEncodingDetector(bool) = 0;

trunk/Source/WebKit/chromium/src/WebSettingsImpl.cpp

@@ -294 +294 @@
 }
 
+void WebSettingsImpl::setUnsafePluginPastingEnabled(bool enabled)
+{
+    m_settings->setUnsafePluginPastingEnabled(enabled);
+}
+
 void WebSettingsImpl::setDNSPrefetchingEnabled(bool enabled)
 {

trunk/Source/WebKit/chromium/src/WebSettingsImpl.h

@@ -159 +159 @@
     virtual void setTouchDragDropEnabled(bool);
     virtual void setUnifiedTextCheckerEnabled(bool);
+    virtual void setUnsafePluginPastingEnabled(bool);
     virtual void setUserStyleSheetLocation(const WebURL&);
     virtual void setUsesEncodingDetector(bool);