summaryrefslogtreecommitdiff
path: root/dom/events
diff options
context:
space:
mode:
authorMoonchild <moonchild@palemoon.org>2022-02-10 22:21:40 +0000
committerMoonchild <moonchild@palemoon.org>2022-05-30 08:28:11 +0000
commitc048d762cff164733ca1db285335b8bb6011e5bb (patch)
tree7aab222106d2b371a88001661bf486f0398f44b5 /dom/events
parent39fe9559bb8fb5135feb895da3bd91ccc760e399 (diff)
downloaduxp-c048d762cff164733ca1db285335b8bb6011e5bb.tar.gz
[DOM] Don't allow internal MIME types to be assigned to DataTransfer
We already blocked x-moz-file(-promise) and x-moz-place* but of course people would find ways to abuse other internal types. This change now blocks everything except x-moz-url types which are harmless. (i.e. whitelist instead of blacklist)
Diffstat (limited to 'dom/events')
-rw-r--r--dom/events/DataTransfer.cpp15
1 files changed, 5 insertions, 10 deletions
diff --git a/dom/events/DataTransfer.cpp b/dom/events/DataTransfer.cpp
index 5e7d477dfb..3a3f5464d2 100644
--- a/dom/events/DataTransfer.cpp
+++ b/dom/events/DataTransfer.cpp
@@ -639,16 +639,11 @@ DataTransfer::PrincipalMaySetData(const nsAString& aType,
return false;
}
- if (aType.EqualsASCII(kFileMime) ||
- aType.EqualsASCII(kFilePromiseMime)) {
- NS_WARNING("Disallowing adding x-moz-file or x-moz-file-promize types to DataTransfer");
- return false;
- }
-
- // Disallow content from creating x-moz-place flavors, so that it cannot
- // create fake Places smart queries exposing user data.
- if (StringBeginsWith(aType, NS_LITERAL_STRING("text/x-moz-place"))) {
- NS_WARNING("Disallowing adding moz-place types to DataTransfer");
+ // Don't allow adding internal types of the form */x-moz-*, but
+ // special-case the url types as they are simple variations of urls.
+ if (FindInReadable(NS_LITERAL_STRING(kInternal_Mimetype_Prefix), aType) &&
+ !StringBeginsWith(aType, NS_LITERAL_STRING("text/x-moz-url"))) {
+ NS_WARNING("Disallowing adding requested internal type to DataTransfer");
return false;
}
}
generated by cgit v1.2.3 (git 2.26.2) at 2024-09-21 20:33:14 +0000