mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 383252: Cannot drag / drop URL or link onto tabbar, r=mconnor When SeaMonkey switched to toolkit's nsDragAndDrop.js, it lost the dragDropSecurityCheck method, which for SM was on nsDragAndDrop, but for FF was on tabbrowser. Moving that method from tabbrowser to toolkit's nsDragAndDrop.js, and cleaning it up a little.
This commit is contained in:
parent
20a41d4e92
commit
9c673e0431
@ -1912,7 +1912,7 @@
|
||||
/^\s*(javascript|data):/.test(url))
|
||||
return;
|
||||
|
||||
this.dragDropSecurityCheck(aEvent, aDragSession, url);
|
||||
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, url);
|
||||
|
||||
var bgLoad = true;
|
||||
try {
|
||||
@ -2310,51 +2310,7 @@
|
||||
<parameter name="aUri"/>
|
||||
<body>
|
||||
<![CDATA[
|
||||
// Do a security check for drag n' drop. Make sure the
|
||||
// source document can load the dragged link.
|
||||
var sourceDoc = aDragSession.sourceDocument;
|
||||
|
||||
if (sourceDoc) {
|
||||
// Strip leading and trailing whitespace, then try to
|
||||
// create a URI from the dropped string. If that
|
||||
// succeeds, we're dropping a URI and we need to do a
|
||||
// security check to make sure the source document can
|
||||
// load the dropped URI. We don't so much care about
|
||||
// creating the real URI here (i.e. encoding differences
|
||||
// etc don't matter), we just want to know if aUri
|
||||
// really is a URI.
|
||||
|
||||
var uriStr = aUri.replace(/^\s*|\s*$/g, '');
|
||||
var uri = null;
|
||||
|
||||
try {
|
||||
uri = Components.classes["@mozilla.org/network/io-service;1"]
|
||||
.getService(Components.interfaces.nsIIOService)
|
||||
.newURI(uriStr, null, null);
|
||||
} catch (e) {
|
||||
}
|
||||
|
||||
if (uri) {
|
||||
// aUri is a URI, do the security check.
|
||||
var sourceURI = sourceDoc.documentURI;
|
||||
|
||||
const nsIScriptSecurityManager =
|
||||
Components.interfaces.nsIScriptSecurityManager;
|
||||
var secMan =
|
||||
Components.classes["@mozilla.org/scriptsecuritymanager;1"]
|
||||
.getService(nsIScriptSecurityManager);
|
||||
|
||||
try {
|
||||
secMan.checkLoadURIStr(sourceURI, uriStr,
|
||||
nsIScriptSecurityManager.STANDARD);
|
||||
} catch (e) {
|
||||
// Stop event propagation right here.
|
||||
aEvent.stopPropagation();
|
||||
|
||||
throw "Drop of " + aUri + " denied.";
|
||||
}
|
||||
}
|
||||
}
|
||||
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, aUri);
|
||||
]]>
|
||||
</body>
|
||||
</method>
|
||||
|
Loading…
Reference in New Issue
Block a user