diff options
| author | Moonchild <moonchild@palemoon.org> | 2022-02-10 22:21:40 +0000 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2022-04-03 01:14:55 +0200 |
| commit | 33b9fbcf2c6c7eb81b1238c1f1fb315ef45560d4 (patch) | |
| tree | 3d1d46cadfcb42204f956ff5791be8092c99c083 | |
| parent | fd61c46276ddb825b57f51bd246fd61f9dcda6fe (diff) | |
| download | uxp-33b9fbcf2c6c7eb81b1238c1f1fb315ef45560d4.tar.gz | |
[DOM] Don't allow internal MIME types to be assigned to DataTransfer
We already blocked x-moz-file(-promise) and x-moz-place* but of course people
would find ways to abuse other internal types. This change now blocks everything
except x-moz-url types which are harmless. (i.e. whitelist instead of blacklist)
| -rw-r--r-- | dom/events/DataTransfer.cpp | 15 | ||||
| -rw-r--r-- | widget/nsITransferable.idl | 7 |
2 files changed, 11 insertions, 11 deletions
diff --git a/dom/events/DataTransfer.cpp b/dom/events/DataTransfer.cpp index 5e7d477dfb..3a3f5464d2 100644 --- a/dom/events/DataTransfer.cpp +++ b/dom/events/DataTransfer.cpp @@ -639,16 +639,11 @@ DataTransfer::PrincipalMaySetData(const nsAString& aType, return false; } - if (aType.EqualsASCII(kFileMime) || - aType.EqualsASCII(kFilePromiseMime)) { - NS_WARNING("Disallowing adding x-moz-file or x-moz-file-promize types to DataTransfer"); - return false; - } - - // Disallow content from creating x-moz-place flavors, so that it cannot - // create fake Places smart queries exposing user data. - if (StringBeginsWith(aType, NS_LITERAL_STRING("text/x-moz-place"))) { - NS_WARNING("Disallowing adding moz-place types to DataTransfer"); + // Don't allow adding internal types of the form */x-moz-*, but + // special-case the url types as they are simple variations of urls. + if (FindInReadable(NS_LITERAL_STRING(kInternal_Mimetype_Prefix), aType) && + !StringBeginsWith(aType, NS_LITERAL_STRING("text/x-moz-url"))) { + NS_WARNING("Disallowing adding requested internal type to DataTransfer"); return false; } } diff --git a/widget/nsITransferable.idl b/widget/nsITransferable.idl index b128586dd1..e580673f5e 100644 --- a/widget/nsITransferable.idl +++ b/widget/nsITransferable.idl @@ -13,12 +13,17 @@ interface nsIPrincipal; %{ C++ +// Internal formats must have their second part starting with 'x-moz-', +// for example text/x-moz-internaltype. These cannot be assigned by +// unprivileged content but all other types can. +#define kInternal_Mimetype_Prefix "/x-moz-" + // these probably shouldn't live here, but in some central repository shared // by the entire app. #define kTextMime "text/plain" #define kRTFMime "text/rtf" #define kUnicodeMime "text/unicode" -#define kMozTextInternal "text/x-moz-text-internal" // text data which isn't suppoed to be parsed by other apps. +#define kMozTextInternal "text/x-moz-text-internal" // text data which isn't suppoed to be parsed by other apps. #define kHTMLMime "text/html" #define kAOLMailMime "AOLMAIL" #define kPNGImageMime "image/png" |