nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/browser/components/extensions
History
Luca Greco 166d68dc58 Bug 1707214 - Ensure we don't cache dataTransfer.files when accessed by expanded principals. r=mixedpuppy,nika 
This doesn't seem a recent regression, the underlying issue is that we don't account for
the Extensions content scripts (and user scripts) as other principals that may be able
to intercept a drop event and then try to access the dataTransfer.files property before
the webpage does.

As the big inline comment inside DataTransferItemList::Files does explain, keeping a copy
of the FileList when accessed from a webpage principal is necessary for spec compliance,
while we don't cache it when it is being accessed by system principal code.
(see https://searchfox.org/mozilla-central/rev/6cbe34b441f7c7c29cd1e5f0e19c7000142f1423/dom/events/DataTransferItemList.cpp#200-242)

The changes in this patch are preventing us from caching the file list also when accessed
by expanded principals (which are never going to be used for any web page, but they are used
by both Extensions content scripts and Extensions user scripts), along with adding a new.
regression test to prevent it from regressing without being noticed.

Without this patch, when an extension content script or user script does intercept the
drop event and access the dataTransfer.files property, we cache the FileList created
for the ExpandedPrincipal associated to the Extension script and after that if the page
try to access it we do return null because the webpage principal doesn't subsume the
expanded principal (which is also why the issue isn't triggered if the webpage does
access it first). In debug build we crash because we hit the assertion in
DataTransferItemList::Files right before the earlier nullptr return we hit on release.

Differential Revision: https://phabricator.services.mozilla.com/D113555
2021-04-30 19:48:41 +00:00
..
child
parent Bug 1705084 - remove icons from builtin items in the sidebar selector dropdown, and stop using checkbox items in it altogether, r=emalysz 2021-04-28 21:45:06 +00:00
schemas
test Bug 1707214 - Ensure we don't cache dataTransfer.files when accessed by expanded principals. r=mixedpuppy,nika 2021-04-30 19:48:41 +00:00
.eslintrc.js
ext-browser.json Bug 1646338 ask to set as default again when enabling a search addon r=Standard8 2021-03-29 15:42:23 +00:00
extension-linux-panel.css Bug 1698132 - Convert proton pref checks from @supports rules to media features. r=Gijs 2021-04-05 20:48:05 +00:00
extension-mac-panel.css Bug 1698132 - Convert proton pref checks from @supports rules to media features. r=Gijs 2021-04-05 20:48:05 +00:00
extension-mac.css
extension-win-panel.css Bug 1698132 - Convert proton pref checks from @supports rules to media features. r=Gijs 2021-04-05 20:48:05 +00:00
extension.css
extension.svg Bug 1698237 - Backed out changeset 18909220355a (bug 1697806). 2021-03-13 16:06:33 +00:00
ExtensionBrowsingData.jsm
ExtensionControlledPopup.jsm
ExtensionPopups.jsm Bug 1701257 - fix panel radius on webextension browser and body with proton enabled, r=mconley 2021-03-26 18:54:10 +00:00
extensions-browser.manifest
jar.mn Bug 1701257 - fix panel radius on webextension browser and body with proton enabled, r=mconley 2021-03-26 18:54:10 +00:00
moz.build