[webkit-changes] [148485] branches/safari-536.30-branch

Mon, 15 Apr 2013 18:36:34 -0700

Title: [148485] branches/safari-536.30-branch
Revision
148485
Author
aes...@apple.com
Date
2013-04-15 18:38:18 -0700 (Mon, 15 Apr 2013)

Log Message

Merged r139111.

    2013-01-08  Tom Sepez  <tse...@chromium.org>

Copy-paste preserves <embed> tags containing active content.
https://bugs.webkit.org/show_bug.cgi?id=77625

Reviewed by Ryosuke Niwa.

Source/WebCore:

Test: editing/pasteboard/paste-noplugin.html

* dom/FragmentScriptingPermission.h:
(WebCore::scriptingContentIsAllowed):
(WebCore::pluginContentIsAllowed):
Add new permission to restrict plugin pasting.  Add inline functions to check
the implications of each permission rather than having a list of raw comparisions
sprinkled throughout the code.

* editing/markup.cpp:
(WebCore::createFragmentFromMarkup):
Revert back to unsafe plugin pasting regardless of caller's intentions when
the settings allow it.

* dom/Element.cpp:
(WebCore::Element::parserSetAttributes):
* html/parser/HTMLConstructionSite.cpp:
(WebCore::HTMLConstructionSite::insertScriptElement):
* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::XMLDocumentParser::endElementNs):
* xml/parser/XMLDocumentParserQt.cpp:
(WebCore::XMLDocumentParser::parseEndElement):
Use new inline functions to check implications of permissions rather than raw
comparisions.

* html/parser/HTMLTreeBuilder.cpp:
(WebCore::HTMLTreeBuilder::processStartTagForInBody):
(WebCore::HTMLTreeBuilder::processEndTag):
Check if plugin pasting is allowed before inserting applet/embed/oject elements.

* page/Settings.in:
Declaration of new unsafePluginPastingEnabled setting.

* platform/mac/PasteboardMac.mm:
(WebCore::Pasteboard::documentFragment):
* platform/blackberry/PasteboardBlackBerry.cpp:
(WebCore::Pasteboard::documentFragment):
* platform/chromium/DragDataChromium.cpp:
(WebCore::DragData::asFragment):
* platform/chromium/PasteboardChromium.cpp:
(WebCore::Pasteboard::documentFragment):
* platform/gtk/PasteboardGtk.cpp:
(WebCore::Pasteboard::documentFragment):
* platform/qt/DragDataQt.cpp:
(WebCore::DragData::asFragment):
* platform/qt/PasteboardQt.cpp:
(WebCore::Pasteboard::documentFragment):
* platform/win/ClipboardUtilitiesWin.cpp:
(WebCore::fragmentFromCFHTML):
(WebCore::fragmentFromHTML):
* platform/wx/PasteboardWx.cpp:
(WebCore::Pasteboard::documentFragment):
Pass DisallowScriptingAndPluginContent enum value.

Source/WebKit/chromium:

Adds chromium API to new unsafePluginPastingEnabled setting.

* public/WebSettings.h:
* src/WebSettingsImpl.cpp:
(WebKit::WebSettingsImpl::setUnsafePluginPastingEnabled):
(WebKit):
* src/WebSettingsImpl.h:
(WebSettingsImpl):

LayoutTests:

* editing/pasteboard/paste-noplugin-expected.txt: Added.
* editing/pasteboard/paste-noplugin.html: Added.

Modified Paths

Added Paths

Diff

Modified: branches/safari-536.30-branch/LayoutTests/ChangeLog (148484 => 148485)


--- branches/safari-536.30-branch/LayoutTests/ChangeLog	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/LayoutTests/ChangeLog	2013-04-16 01:38:18 UTC (rev 148485)
@@ -1,3 +1,17 @@
+2013-04-15  Andy Estes  <aes...@apple.com>
+
+        Merged r139111.
+
+    2013-01-08  Tom Sepez  <tse...@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        * editing/pasteboard/paste-noplugin-expected.txt: Added.
+        * editing/pasteboard/paste-noplugin.html: Added.
+
 2013-04-15  Tim Horton  <timothy_hor...@apple.com>
 
     Merge r138460.

Added: branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin-expected.txt (0 => 148485)


--- branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin-expected.txt	                        (rev 0)
+++ branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin-expected.txt	2013-04-16 01:38:18 UTC (rev 148485)
@@ -0,0 +1,27 @@
+This test copies embed and object elements, pastes them into an editable area, and verifies that unsafe tags are not pasted when the setting prohibits this.
+
+Original contents:
+| "
+"
+| <p>
+|   "Some text to paste."
+| "
+"
+| <embed>
+|   src=""
+| "
+"
+| <object>
+|   data=""
+|   <param>
+|     name="src"
+|     value="http://localhost:8000/evil.swf"
+|   <embed>
+|     src=""
+| "
+"
+
+Pasted contents:
+| <p>
+|   "Some text to paste."
+| " <#selection-caret>"

Added: branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin.html (0 => 148485)


--- branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin.html	                        (rev 0)
+++ branches/safari-536.30-branch/LayoutTests/editing/pasteboard/paste-noplugin.html	2013-04-16 01:38:18 UTC (rev 148485)
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<script>
+if (window.layoutTestController) {
+   layoutTestController.dumpAsText();
+   internals.settings.setUnsafePluginPastingEnabled(false);
+}
+</script>
+<script src=""
+<div id="source">
+<p>Some text to paste.</p>
+<embed src=""
+<object data="" name="src" value="http://localhost:8000/evil.swf"><embed src=""
+</div>
+<div id="destination" contenteditable="true"></div>
+<ul id="console"></ul>
+<script>
+var source = document.getElementById("source");
+var destination = document.getElementById("destination");
+var selection = window.getSelection();
+selection.setBaseAndExtent(source, 0, source, 5);
+document.execCommand("Copy");
+selection.setPosition(destination, 0);
+document.execCommand("Paste");
+Markup.description("This test copies embed and object elements, pastes them into an editable area, and verifies that unsafe tags are not pasted when the setting prohibits this.");
+Markup.dump("source", "Original contents");
+Markup.dump("destination", "Pasted contents");
+</script>
+</html>

Modified: branches/safari-536.30-branch/Source/WebCore/ChangeLog (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/ChangeLog	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/ChangeLog	2013-04-16 01:38:18 UTC (rev 148485)
@@ -1,3 +1,68 @@
+2013-04-15  Andy Estes  <aes...@apple.com>
+
+        Merged r139111.
+
+    2013-01-08  Tom Sepez  <tse...@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        Test: editing/pasteboard/paste-noplugin.html
+
+        * dom/FragmentScriptingPermission.h:
+        (WebCore::scriptingContentIsAllowed):
+        (WebCore::pluginContentIsAllowed):
+        Add new permission to restrict plugin pasting.  Add inline functions to check
+        the implications of each permission rather than having a list of raw comparisions
+        sprinkled throughout the code. 
+        
+        * editing/markup.cpp:
+        (WebCore::createFragmentFromMarkup):
+        Revert back to unsafe plugin pasting regardless of caller's intentions when
+        the settings allow it.
+
+        * dom/Element.cpp:
+        (WebCore::Element::parserSetAttributes):
+        * html/parser/HTMLConstructionSite.cpp:
+        (WebCore::HTMLConstructionSite::insertScriptElement):
+        * xml/parser/XMLDocumentParserLibxml2.cpp:
+        (WebCore::XMLDocumentParser::endElementNs):
+        * xml/parser/XMLDocumentParserQt.cpp:
+        (WebCore::XMLDocumentParser::parseEndElement):
+        Use new inline functions to check implications of permissions rather than raw
+        comparisions.
+        
+        * html/parser/HTMLTreeBuilder.cpp:
+        (WebCore::HTMLTreeBuilder::processStartTagForInBody):
+        (WebCore::HTMLTreeBuilder::processEndTag):
+        Check if plugin pasting is allowed before inserting applet/embed/oject elements.
+
+        * page/Settings.in:
+        Declaration of new unsafePluginPastingEnabled setting.
+
+        * platform/mac/PasteboardMac.mm:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/blackberry/PasteboardBlackBerry.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/chromium/DragDataChromium.cpp:
+        (WebCore::DragData::asFragment):
+        * platform/chromium/PasteboardChromium.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/gtk/PasteboardGtk.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/qt/DragDataQt.cpp:
+        (WebCore::DragData::asFragment):
+        * platform/qt/PasteboardQt.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        * platform/win/ClipboardUtilitiesWin.cpp:
+        (WebCore::fragmentFromCFHTML):
+        (WebCore::fragmentFromHTML):
+        * platform/wx/PasteboardWx.cpp:
+        (WebCore::Pasteboard::documentFragment):
+        Pass DisallowScriptingAndPluginContent enum value.
+        
 2013-04-15  Roger Fong  <roger_f...@apple.com>
 
         Build fix for r148472.

Modified: branches/safari-536.30-branch/Source/WebCore/WebCore.exp.in (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/WebCore.exp.in	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/WebCore.exp.in	2013-04-16 01:38:18 UTC (rev 148485)
@@ -1035,6 +1035,7 @@
 __ZN7WebCore8Settings29setAccelerated2dCanvasEnabledEb
 __ZN7WebCore8Settings29setAuthorAndUserStylesEnabledEb
 __ZN7WebCore8Settings29setDefaultMinDOMTimerIntervalEd
+__ZN7WebCore8Settings29setUnsafePluginPastingEnabledEb
 __ZN7WebCore8Settings29setWebArchiveDebugModeEnabledEb
 __ZN7WebCore8Settings30setAllowFileAccessFromFileURLsEb
 __ZN7WebCore8Settings31setCanvasUsesAcceleratedDrawingEb

Modified: branches/safari-536.30-branch/Source/WebCore/dom/Element.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/dom/Element.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/dom/Element.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -789,8 +789,8 @@
 
     // If the element is created as result of a paste or drag-n-drop operation
     // we want to remove all the script and event handlers.
-    if (scriptingPermission == FragmentScriptingNotAllowed) {
-        unsigned i = 0;
+    if (!scriptingContentIsAllowed(scriptingPermission)) {
+        size_t i = 0;
         while (i < m_attributeData->length()) {
             const QualifiedName& attributeName = m_attributeData->m_attributes[i].name();
             if (isEventHandlerAttribute(attributeName)) {

Modified: branches/safari-536.30-branch/Source/WebCore/dom/FragmentScriptingPermission.h (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/dom/FragmentScriptingPermission.h	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/dom/FragmentScriptingPermission.h	2013-04-16 01:38:18 UTC (rev 148485)
@@ -31,10 +31,21 @@
 // FIXME: This enum is poorly named.  It is used to remove script contents when
 // generating DocumentFragments for paste in platform/*/Pasteboard.*.
 enum FragmentScriptingPermission {
+    FragmentScriptingAndPluginContentNotAllowed,
     FragmentScriptingAllowed,
     FragmentScriptingNotAllowed,
 };
 
-};
+static inline bool scriptingContentIsAllowed(FragmentScriptingPermission scriptingPermission) 
+{
+    return scriptingPermission == FragmentScriptingAllowed;
+}
 
+static inline bool pluginContentIsAllowed(FragmentScriptingPermission scriptingPermission)
+{
+    return scriptingPermission != FragmentScriptingAndPluginContentNotAllowed;
+}
+
+} // namespace WebCore
+
 #endif // FragmentScriptingPermission_h

Modified: branches/safari-536.30-branch/Source/WebCore/editing/markup.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/editing/markup.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/editing/markup.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -53,6 +53,7 @@
 #include "MarkupAccumulator.h"
 #include "Range.h"
 #include "RenderObject.h"
+#include "Settings.h"
 #include "StylePropertySet.h"
 #include "StyleResolver.h"
 #include "TextIterator.h"
@@ -665,6 +666,10 @@
 {
     // We use a fake body element here to trick the HTML parser to using the InBody insertion mode.
     RefPtr<HTMLBodyElement> fakeBody = HTMLBodyElement::create(document);
+
+    if (scriptingPermission == FragmentScriptingAndPluginContentNotAllowed && (!document->settings() || document->settings()->unsafePluginPastingEnabled()))
+        scriptingPermission = FragmentScriptingNotAllowed;
+
     RefPtr<DocumentFragment> fragment =  Range::createDocumentFragmentForElement(markup, fakeBody.get(), scriptingPermission);
 
     if (fragment && !baseURL.isEmpty() && baseURL != blankURL() && baseURL != document->baseURL())

Modified: branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLConstructionSite.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLConstructionSite.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLConstructionSite.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -336,7 +336,7 @@
 void HTMLConstructionSite::insertScriptElement(AtomicHTMLToken& token)
 {
     RefPtr<HTMLScriptElement> element = HTMLScriptElement::create(scriptTag, currentNode()->document(), true);
-    if (m_fragmentScriptingPermission == FragmentScriptingAllowed)
+    if (scriptingContentIsAllowed(m_fragmentScriptingPermission))
         element->parserSetAttributes(token.attributes(), m_fragmentScriptingPermission);
     attachLater(currentNode(), element);
     m_openElements.push(element.release());

Modified: branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLTreeBuilder.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLTreeBuilder.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/html/parser/HTMLTreeBuilder.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -885,6 +885,12 @@
         return;
     }
     if (token.name() == appletTag
+        || token.name() == embedTag
+        || token.name() == objectTag) {
+        if (isParsingFragment() && !pluginContentIsAllowed(m_fragmentContext.scriptingPermission()))
+            return;
+    }
+    if (token.name() == appletTag
         || token.name() == marqueeTag
         || token.name() == objectTag) {
         m_tree.reconstructTheActiveFormattingElements();
@@ -2135,7 +2141,7 @@
             m_scriptToProcess = m_tree.currentElement();
             m_scriptToProcessStartPosition = m_lastScriptElementStartPosition;
             m_tree.openElements()->pop();
-            if (isParsingFragment() && m_fragmentContext.scriptingPermission() == FragmentScriptingNotAllowed)
+            if (isParsingFragment() && !scriptingContentIsAllowed(m_fragmentContext.scriptingPermission()))
                 m_scriptToProcess->removeAllChildren();
             setInsertionMode(m_originalInsertionMode);

Modified: branches/safari-536.30-branch/Source/WebCore/page/Settings.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/page/Settings.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/page/Settings.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -197,6 +197,7 @@
     // they can't use by. Leaving enabled for now to not change existing behavior.
     , m_downloadableBinaryFontsEnabled(true)
     , m_xssAuditorEnabled(false)
+    , m_unsafePluginPastingEnabled(true)
     , m_acceleratedCompositingEnabled(true)
     , m_acceleratedCompositingFor3DTransformsEnabled(true)
     , m_acceleratedCompositingForVideoEnabled(true)
@@ -772,6 +773,11 @@
     m_xssAuditorEnabled = xssAuditorEnabled;
 }
 
+void Settings::setUnsafePluginPastingEnabled(bool unsafePluginPastingEnabled)
+{
+    m_unsafePluginPastingEnabled = unsafePluginPastingEnabled;
+}
+
 void Settings::setAcceleratedCompositingEnabled(bool enabled)
 {
     if (m_acceleratedCompositingEnabled == enabled)

Modified: branches/safari-536.30-branch/Source/WebCore/page/Settings.h (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/page/Settings.h	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/page/Settings.h	2013-04-16 01:38:18 UTC (rev 148485)
@@ -307,6 +307,9 @@
 
         void setXSSAuditorEnabled(bool);
         bool xssAuditorEnabled() const { return m_xssAuditorEnabled; }
+        
+        void setUnsafePluginPastingEnabled(bool);
+        bool unsafePluginPastingEnabled() const { return m_unsafePluginPastingEnabled; }
 
         void setCanvasUsesAcceleratedDrawing(bool);
         bool canvasUsesAcceleratedDrawing() const { return m_canvasUsesAcceleratedDrawing; }
@@ -665,6 +668,7 @@
         bool m_regionBasedColumnsEnabled : 1;
         bool m_downloadableBinaryFontsEnabled : 1;
         bool m_xssAuditorEnabled : 1;
+        bool m_unsafePluginPastingEnabled : 1;
         bool m_acceleratedCompositingEnabled : 1;
         bool m_acceleratedCompositingFor3DTransformsEnabled : 1;
         bool m_acceleratedCompositingForVideoEnabled : 1;

Modified: branches/safari-536.30-branch/Source/WebCore/platform/blackberry/PasteboardBlackBerry.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/blackberry/PasteboardBlackBerry.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/blackberry/PasteboardBlackBerry.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -97,7 +97,7 @@
     RefPtr<DocumentFragment> fragment;
     if (!html.isEmpty()) {
         String url = ""
-        if (fragment = createFragmentFromMarkup(frame->document(), html, url, FragmentScriptingNotAllowed))
+        if (fragment = createFragmentFromMarkup(frame->document(), html, url, FragmentScriptingAndPluginContentNotAllowed))
             return fragment.release();
     }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/chromium/DragDataChromium.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/chromium/DragDataChromium.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/chromium/DragDataChromium.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -32,6 +32,7 @@
 
 #include "ChromiumDataObject.h"
 #include "ClipboardMimeTypes.h"
+#include "Document.h"
 #include "DocumentFragment.h"
 #include "FileSystem.h"
 #include "Frame.h"
@@ -141,8 +142,8 @@
         String html;
         KURL baseURL;
         m_platformDragData->htmlAndBaseURL(html, baseURL);
-        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, baseURL, FragmentScriptingNotAllowed);
-        return fragment.release();
+        if (RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, baseURL, FragmentScriptingAndPluginContentNotAllowed))
+            return fragment.release();
     }
 
     return 0;

Modified: branches/safari-536.30-branch/Source/WebCore/platform/chromium/PasteboardChromium.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/chromium/PasteboardChromium.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/chromium/PasteboardChromium.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -184,7 +184,7 @@
 
         if (!markup.isEmpty()) {
           RefPtr<DocumentFragment> fragment =
-              createFragmentFromMarkupWithContext(frame->document(), markup, fragmentStart, fragmentEnd, srcURL, FragmentScriptingNotAllowed);
+              createFragmentFromMarkupWithContext(frame->document(), markup, fragmentStart, fragmentEnd, srcURL, FragmentScriptingAndPluginContentNotAllowed);
           if (fragment)
               return fragment.release();
         }
@@ -194,10 +194,7 @@
         String markup = PlatformSupport::clipboardReadPlainText(buffer);
         if (!markup.isEmpty()) {
             chosePlainText = true;
-
-            RefPtr<DocumentFragment> fragment =
-                createFragmentFromText(context.get(), markup);
-            if (fragment)
+            if (RefPtr<DocumentFragment> fragment = createFragmentFromText(context.get(), markup))
                 return fragment.release();
         }
     }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/gtk/PasteboardGtk.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/gtk/PasteboardGtk.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/gtk/PasteboardGtk.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -170,7 +170,7 @@
     chosePlainText = false;
 
     if (dataObject->hasMarkup()) {
-        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), dataObject->markup(), "", FragmentScriptingNotAllowed);
+        RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), dataObject->markup(), "", FragmentScriptingAndPluginContentNotAllowed);
         if (fragment)
             return fragment.release();
     }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/mac/PasteboardMac.mm (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/mac/PasteboardMac.mm	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/mac/PasteboardMac.mm	2013-04-16 01:38:18 UTC (rev 148485)
@@ -461,7 +461,7 @@
                     if (DocumentLoader* loader = frame->loader()->documentLoader())
                         loader->addAllArchiveResources(coreArchive.get());
                     
-                    fragment = createFragmentFromMarkup(frame->document(), markupString, mainResource->url(), FragmentScriptingNotAllowed);
+                    fragment = createFragmentFromMarkup(frame->document(), markupString, mainResource->url(), FragmentScriptingAndPluginContentNotAllowed);
                     [markupString release];
                 } else if (MIMETypeRegistry::isSupportedImageMIMEType(MIMEType))
                    fragment = documentFragmentWithImageResource(frame, mainResource);                    
@@ -500,7 +500,7 @@
             }
         }
         if ([HTMLString length] != 0 &&
-            (fragment = createFragmentFromMarkup(frame->document(), HTMLString, "", FragmentScriptingNotAllowed)))
+            (fragment = createFragmentFromMarkup(frame->document(), HTMLString, "", FragmentScriptingAndPluginContentNotAllowed)))
             return fragment.release();
     }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/qt/DragDataQt.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/qt/DragDataQt.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/qt/DragDataQt.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -137,7 +137,7 @@
 PassRefPtr<DocumentFragment> DragData::asFragment(Frame* frame, PassRefPtr<Range>, bool, bool&) const
 {
     if (m_platformDragData && m_platformDragData->hasHtml())
-        return createFragmentFromMarkup(frame->document(), m_platformDragData->html(), "", FragmentScriptingNotAllowed);
+        return createFragmentFromMarkup(frame->document(), m_platformDragData->html(), "", FragmentScriptingAndPluginContentNotAllowed);
 
     return 0;
 }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/qt/PasteboardQt.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/qt/PasteboardQt.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/qt/PasteboardQt.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -111,7 +111,7 @@
     if (mimeData->hasHtml()) {
         QString html = mimeData->html();
         if (!html.isEmpty()) {
-            RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, "", FragmentScriptingNotAllowed);
+            RefPtr<DocumentFragment> fragment = createFragmentFromMarkup(frame->document(), html, "", FragmentScriptingAndPluginContentNotAllowed);
             if (fragment)
                 return fragment.release();
         }

Modified: branches/safari-536.30-branch/Source/WebCore/platform/win/ClipboardUtilitiesWin.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/platform/win/ClipboardUtilitiesWin.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/platform/win/ClipboardUtilitiesWin.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -631,7 +631,7 @@
     }
 
     String markup = extractMarkupFromCFHTML(cfhtml);
-    return createFragmentFromMarkup(doc, markup, srcURL, FragmentScriptingNotAllowed);
+    return createFragmentFromMarkup(doc, markup, srcURL, FragmentScriptingAndPluginContentNotAllowed);
 }
 
 PassRefPtr<DocumentFragment> fragmentFromHTML(Document* doc, IDataObject* data) 
@@ -648,7 +648,7 @@
     String html = getTextHTML(data);
     String srcURL;
     if (!html.isEmpty())
-        return createFragmentFromMarkup(doc, html, srcURL, FragmentScriptingNotAllowed);
+        return createFragmentFromMarkup(doc, html, srcURL, FragmentScriptingAndPluginContentNotAllowed);
 
     return 0;
 }
@@ -666,7 +666,7 @@
 
     String srcURL;
     if (getDataMapItem(data, texthtmlFormat(), stringData))
-        return createFragmentFromMarkup(document, stringData, srcURL, FragmentScriptingNotAllowed);
+        return createFragmentFromMarkup(document, stringData, srcURL, FragmentScriptingAndPluginContentNotAllowed);
 
     return 0;
 }

Modified: branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -329,4 +329,10 @@
     settings()->setMediaPlaybackRequiresUserGesture(enabled);
 }
 
+void InternalSettings::setUnsafePluginPastingEnabled(bool enabled, ExceptionCode& ec)
+{
+    InternalSettingsGuardForSettings();
+    settings()->setUnsafePluginPastingEnabled(enabled);
 }
+
+}

Modified: branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.h (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.h	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.h	2013-04-16 01:38:18 UTC (rev 148485)
@@ -74,6 +74,7 @@
     bool scrollAnimatorEnabled(ExceptionCode&);
     void setCSSExclusionsEnabled(bool enabled, ExceptionCode&);
     void setMediaPlaybackRequiresUserGesture(bool, ExceptionCode&);
+    void setUnsafePluginPastingEnabled(bool enabled, ExceptionCode&);
 
     void restoreTo(Settings*);

Modified: branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.idl (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.idl	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/testing/InternalSettings.idl	2013-04-16 01:38:18 UTC (rev 148485)
@@ -53,6 +53,7 @@
         boolean scrollAnimatorEnabled() raises(DOMException);
         void setCSSExclusionsEnabled(in boolean enabled) raises(DOMException);
         void setMediaPlaybackRequiresUserGesture(in boolean enabled) raises(DOMException);
+        void setUnsafePluginPastingEnabled(in boolean enabled) raises(DOMException);
     };
 }

Modified: branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -843,7 +843,7 @@
     if (hackAroundLibXMLEntityParsingBug() && context()->depth <= depthTriggeringEntityExpansion())
         setDepthTriggeringEntityExpansion(-1);
 
-    if (m_scriptingPermission == FragmentScriptingNotAllowed && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
+    if (!scriptingContentIsAllowed(m_scriptingPermission) && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
         popCurrentNode();
         ExceptionCode ec;
         n->remove(ec);

Modified: branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserQt.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserQt.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebCore/xml/parser/XMLDocumentParserQt.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -498,7 +498,7 @@
     RefPtr<ContainerNode> n = m_currentNode;
     n->finishParsingChildren();
 
-    if (m_scriptingPermission == FragmentScriptingNotAllowed && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
+    if (!scriptingContentIsAllowed(m_scriptingPermission) && n->isElementNode() && toScriptElement(static_cast<Element*>(n.get()))) {
         popCurrentNode();
         ExceptionCode ec;
         n->remove(ec);

Modified: branches/safari-536.30-branch/Source/WebKit/chromium/ChangeLog (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebKit/chromium/ChangeLog	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebKit/chromium/ChangeLog	2013-04-16 01:38:18 UTC (rev 148485)
@@ -1,3 +1,23 @@
+2013-04-15  Andy Estes  <aes...@apple.com>
+
+        Merged r139111.
+
+    2013-01-08  Tom Sepez  <tse...@chromium.org>
+
+        Copy-paste preserves <embed> tags containing active content.
+        https://bugs.webkit.org/show_bug.cgi?id=77625
+
+        Reviewed by Ryosuke Niwa.
+
+        Adds chromium API to new unsafePluginPastingEnabled setting.
+
+        * public/WebSettings.h:
+        * src/WebSettingsImpl.cpp:
+        (WebKit::WebSettingsImpl::setUnsafePluginPastingEnabled):
+        (WebKit):
+        * src/WebSettingsImpl.h:
+        (WebSettingsImpl):
+
 2012-05-31  Ojan Vafai  <o...@chromium.org>
 
         add back the ability to disable flexbox

Modified: branches/safari-536.30-branch/Source/WebKit/chromium/public/WebSettings.h (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebKit/chromium/public/WebSettings.h	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebKit/chromium/public/WebSettings.h	2013-04-16 01:38:18 UTC (rev 148485)
@@ -128,6 +128,7 @@
     virtual void setUnifiedTextCheckerEnabled(bool) = 0;
     virtual void setCaretBrowsingEnabled(bool) = 0;
     virtual void setInteractiveFormValidationEnabled(bool) = 0;
+    virtual void setUnsafePluginPastingEnabled(bool) = 0;
     virtual void setValidationMessageTimerMagnification(int) = 0;
     virtual void setMinimumTimerInterval(double) = 0;
     virtual void setFullScreenEnabled(bool) = 0;

Modified: branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.cpp (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.cpp	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.cpp	2013-04-16 01:38:18 UTC (rev 148485)
@@ -224,6 +224,11 @@
     m_settings->setXSSAuditorEnabled(enabled);
 }
 
+void WebSettingsImpl::setUnsafePluginPastingEnabled(bool enabled)
+{
+    m_settings->setUnsafePluginPastingEnabled(enabled);
+}
+
 void WebSettingsImpl::setDNSPrefetchingEnabled(bool enabled)
 {
     m_settings->setDNSPrefetchingEnabled(enabled);

Modified: branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.h (148484 => 148485)


--- branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.h	2013-04-16 01:34:20 UTC (rev 148484)
+++ branches/safari-536.30-branch/Source/WebKit/chromium/src/WebSettingsImpl.h	2013-04-16 01:38:18 UTC (rev 148485)
@@ -120,6 +120,7 @@
     virtual void setUnifiedTextCheckerEnabled(bool);
     virtual void setCaretBrowsingEnabled(bool);
     virtual void setInteractiveFormValidationEnabled(bool);
+    virtual void setUnsafePluginPastingEnabled(bool);
     virtual void setValidationMessageTimerMagnification(int);
     virtual void setMinimumTimerInterval(double);
     virtual void setFullScreenEnabled(bool);

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to