From 51c29873aa5c8f8ee667b2765522061b48b41278 Mon Sep 17 00:00:00 2001 From: Daniel Holbert Date: Thu, 8 Dec 2011 13:34:07 -0800 Subject: [PATCH] Bug 704482 patch 2: Further restrict event-based triggering of SMIL animations when scripts are disabled. r=birtles --- content/smil/nsSMILTimeValueSpec.cpp | 33 +++++++++++++++++++++++++--- content/smil/nsSMILTimeValueSpec.h | 1 + 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/content/smil/nsSMILTimeValueSpec.cpp b/content/smil/nsSMILTimeValueSpec.cpp index ee0c348f309..a21dc42cfdc 100644 --- a/content/smil/nsSMILTimeValueSpec.cpp +++ b/content/smil/nsSMILTimeValueSpec.cpp @@ -322,6 +322,32 @@ nsSMILTimeValueSpec::GetTimedElement(Element* aElement) return &animElement->TimedElement(); } +// Indicates whether we're allowed to register an event-listener +// when scripting is disabled. +bool +nsSMILTimeValueSpec::IsWhitelistedEvent() +{ + // The category of (SMIL-specific) "repeat(n)" events are allowed. + if (mParams.mType == nsSMILTimeValueSpecParams::REPEAT) { + return true; + } + + // A specific list of other SMIL-related events are allowed, too. + // NOTE: "repeatEvent", "beginEvent", & "endEvent" aren't in nsGkAtoms -- + // they're defined in nsDOMEvent.cpp -- so we need to use NS_NewAtom. + // (This could probably be optimized, but it's not a huge deal because + // we'll rarely hit this code.) + if (mParams.mType == nsSMILTimeValueSpecParams::EVENT && + (mParams.mEventSymbol == nsGkAtoms::repeat || + mParams.mEventSymbol == NS_NewAtom("repeatEvent") || + mParams.mEventSymbol == NS_NewAtom("beginEvent") || + mParams.mEventSymbol == NS_NewAtom("endEvent"))) { + return true; + } + + return false; +} + void nsSMILTimeValueSpec::RegisterEventListener(Element* aTarget) { @@ -334,10 +360,11 @@ nsSMILTimeValueSpec::RegisterEventListener(Element* aTarget) if (!aTarget) return; - // Don't listen for accessKey events if script is disabled. (see bug 704482) - if (mParams.mType == nsSMILTimeValueSpecParams::ACCESSKEY && - !aTarget->GetOwnerDocument()->IsScriptEnabled()) + // When script is disabled, only allow registration for whitelisted events. + if (!aTarget->GetOwnerDocument()->IsScriptEnabled() && + !IsWhitelistedEvent()) { return; + } if (!mEventListener) { mEventListener = new EventListener(this); diff --git a/content/smil/nsSMILTimeValueSpec.h b/content/smil/nsSMILTimeValueSpec.h index 913ae75adee..98bcf43ad6a 100644 --- a/content/smil/nsSMILTimeValueSpec.h +++ b/content/smil/nsSMILTimeValueSpec.h @@ -93,6 +93,7 @@ protected: void UpdateReferencedElement(Element* aFrom, Element* aTo); void UnregisterFromReferencedElement(Element* aElement); nsSMILTimedElement* GetTimedElement(Element* aElement); + bool IsWhitelistedEvent(); void RegisterEventListener(Element* aElement); void UnregisterEventListener(Element* aElement); nsEventListenerManager* GetEventListenerManager(Element* aElement);