[tor-commits] [torbutton/master] Bug 4517: Disable external drag and drop.
mikeperry at torproject.org
mikeperry at torproject.org
Wed Dec 7 22:37:29 UTC 2011
commit adc40a1d2c0d8be8b4e082fecc22722372b7a0cb
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Tue Dec 6 14:29:49 2011 -0800
Bug 4517: Disable external drag and drop.
We basically remove all the url-containing drag and drop mime-types from the
drag action. This seems to still allow you to drag stuff within TBB (because
it uses its own internal secret types), but prevents dragging to outside apps.
---
src/chrome.manifest | 1 +
src/components/external-app-blocker.js | 103 +++++++++++++++++++++++++++++++-
src/install.rdf | 2 +-
3 files changed, 102 insertions(+), 4 deletions(-)
diff --git a/src/chrome.manifest b/src/chrome.manifest
index cda8bb9..2172815 100644
--- a/src/chrome.manifest
+++ b/src/chrome.manifest
@@ -132,6 +132,7 @@ component {3da0269f-fc29-4e9e-a678-c3b1cafcf13f} components/external-app-blocker
contract @mozilla.org/mime;1 {3da0269f-fc29-4e9e-a678-c3b1cafcf13f}
contract @mozilla.org/uriloader/external-protocol-service;1 {3da0269f-fc29-4e9e-a678-c3b1cafcf13f}
contract @mozilla.org/uriloader/external-helper-app-service;1 {3da0269f-fc29-4e9e-a678-c3b1cafcf13f}
+contract @mozilla.org/widget/dragservice;1 {3da0269f-fc29-4e9e-a678-c3b1cafcf13f}
component {aef08952-b003-4697-b935-a392367e214f} components/tbSessionStore.js
contract @torproject.org/torbutton-ss-blocker;1 {aef08952-b003-4697-b935-a392367e214f}
diff --git a/src/components/external-app-blocker.js b/src/components/external-app-blocker.js
index a83f50c..7b68a21 100644
--- a/src/components/external-app-blocker.js
+++ b/src/components/external-app-blocker.js
@@ -11,16 +11,21 @@ const kMODULE_CONTRACTID_APP = "@mozilla.org/uriloader/external-helper-app-servi
const kMODULE_CONTRACTID_PROTO = "@mozilla.org/uriloader/external-protocol-service;1";
const kMODULE_CONTRACTID_MIME = "@mozilla.org/mime;1";
+const kMODULE_CONTRACTID_DRAG = "@mozilla.org/widget/dragservice;1";
+
+
const kMODULE_CID = Components.ID("3da0269f-fc29-4e9e-a678-c3b1cafcf13f");
/* Mozilla defined interfaces for FF3.0 */
const kREAL_EXTERNAL_CID = "{A7F800E0-4306-11d4-98D0-001083010E9B}";
-
const kExternalInterfaces = ["nsIObserver", "nsIMIMEService",
"nsIExternalHelperAppService",
"nsISupportsWeakReference", // XXX: Uh-oh...
"nsIExternalProtocolService",
"nsPIExternalAppLauncher"];
+
+const kREAL_DRAG_CID = "{8b5314bb-db01-11d2-96ce-0060b0fb9956}";
+const kDragInterfaces = ["nsIDragService"];
const Cr = Components.results;
const Cc = Components.classes;
@@ -38,6 +43,7 @@ function ExternalWrapper() {
this.logger.log(3, "Component Load 0: New ExternalWrapper.");
this._real_external = Components.classesByID[kREAL_EXTERNAL_CID];
+ this._real_drag = Components.classesByID[kREAL_DRAG_CID];
this._interfaces = kExternalInterfaces;
this._prefs = Components.classes["@mozilla.org/preferences-service;1"]
@@ -52,6 +58,15 @@ function ExternalWrapper() {
};
this.copyMethods(this._external());
+
+ this._drag = function() {
+ var drag = this._real_drag.getService();
+ for (var i = 0; i < kDragInterfaces.length; i++) {
+ drag.QueryInterface(Components.interfaces[kDragInterfaces]);
+ }
+ return drag;
+ };
+ this.copyMethods(this._drag());
}
ExternalWrapper.prototype =
@@ -62,8 +77,13 @@ ExternalWrapper.prototype =
return this;
}
- var external = this._external().QueryInterface(iid);
- this.copyMethods(external);
+ try {
+ var external = this._external().QueryInterface(iid);
+ this.copyMethods(external);
+ } catch(e) {
+ var drag = this._drag().QueryInterface(iid);
+ this.copyMethods(drag);
+ }
return this;
},
@@ -83,6 +103,10 @@ ExternalWrapper.prototype =
interfaceList.push(Components.interfaces[this._interfaces[i]]);
}
+ for (var i = 0; i < kDragInterfaces.length; i++) {
+ interfaceList.push(Components.interfaces[kDragInterfaces[i]]);
+ }
+
count.value = interfaceList.length;
return interfaceList;
},
@@ -199,6 +223,71 @@ ExternalWrapper.prototype =
return this._external().doContent(aMimeContentType, aRequest, aWindowContext, aForceSave);
},
+ // from nsIDragService
+ invokeDragSessionWithImage: function(aDOMNode, aTransferableArray, aRegion, aActionType, aImage, aImageX, aImageY, aDragEvent, aDataTransfer) {
+ aActionType = 0;
+
+ for(var i = 0; i < aTransferableArray.Count(); i++) {
+ this.logger.log(3, "Inspecting drag+drop transfer: "+i);
+ var tr = aTransferableArray.GetElementAt(i);
+ tr.QueryInterface(Ci.nsITransferable);
+
+ var flavors = tr.flavorsTransferableCanExport()
+ .QueryInterface(Ci.nsISupportsArray);
+
+ for (var f=0; f < flavors.Count(); f++) {
+ var flavor =flavors.GetElementAt(f);
+ flavor.QueryInterface(Ci.nsISupportsCString);
+
+ this.logger.log(3, "Got drag+drop flavor: "+flavor);
+ if (flavor == "text/x-moz-url" ||
+ flavor == "text/x-moz-url-data" ||
+ flavor == "text/uri-list" ||
+ flavor == "application/x-moz-file-promise-url") {
+ this.logger.log(3, "Removing "+flavor);
+ try { tr.removeDataFlavor(flavor); } catch(e) {}
+ continue;
+ }
+
+ /*
+ var data = {}, len = {};
+ try {
+ tr.getTransferData(flavor, data, len);
+ this.logger.log(3, "Got data: "+data.value.QueryInterface(Ci.nsISupportsString).data);
+ } catch(e) {
+ }
+ */
+ }
+ }
+
+ return this._drag().invokeDragSessionWithImage(aDOMNode, aTransferableArray, aRegion, aActionType, aImage, aImageX, aImageY, aDragEvent, aDataTransfer);
+ },
+ /*
+ fireDragEventAtSource: function( aMsg ) {
+ this.logger.log(4, "FIRE AT THE SOURCE!!!");
+ return this._drag().fireDragEventAtSource(aMsg);
+ },
+
+ invokeDragSession: function(aDOMNode, aTransferables, aRegion, aActionType ) {
+ this.logger.log(4, "InvokeDragSession!");
+ return this._drag().invokeDragSession(aDOMNode, aTransferables, aRegion, aActionType );
+ },
+ invokeDragSessionWithSelection: function(aSelection, aTransferableArray, aActionType, aDragEvent, aDataTransfer) {
+ this.logger.log(4, "InvokeDragSessionWithSelection!!");
+ return this._drag().invokeDragSessionWithSelection(aSelection, aTransferableArray, aActionType, aDragEvent, aDataTransfer);
+ },
+
+ endDragSession: function(aDoneDrag) {
+ this.logger.log(4, "EndDrag");
+ return this._drag().endDragSession(aDoneDrag);
+ },
+
+ startDragSesssion: function() {
+ this.logger.log(4, "StartDrag");
+ return this._drag().startDragSession();
+ }
+ */
+
};
var ExternalWrapperSingleton = null;
@@ -250,6 +339,14 @@ function (compMgr, fileSpec, location, type) {
fileSpec,
location,
type);
+
+ compMgr.registerFactoryLocation(kMODULE_CID,
+ kMODULE_NAME,
+ kMODULE_CONTRACTID_DRAG,
+ fileSpec,
+ location,
+ type);
+
};
ExternalWrapperModule.getClassObject = function (compMgr, cid, iid)
diff --git a/src/install.rdf b/src/install.rdf
index 3a95f96..34e433c 100644
--- a/src/install.rdf
+++ b/src/install.rdf
@@ -6,7 +6,7 @@
<em:name>Torbutton</em:name>
<em:creator>Mike Perry & Kory Kirk</em:creator>
<em:id>{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}</em:id>
- <em:version>1.4.4.1</em:version>
+ <em:version>1.4.5pre</em:version>
<em:homepageURL>https://www.torproject.org/torbutton/</em:homepageURL>
<em:optionsURL>chrome://torbutton/content/preferences.xul</em:optionsURL>
<em:iconURL>chrome://torbutton/skin/tor.png</em:iconURL>
More information about the tor-commits
mailing list