Commit 199b8da4 authored by inferno@chromium.org's avatar inferno@chromium.org

2010-11-22 Abhishek Arya <inferno@chromium.org>

        Reviewed by Adam Barth.

        r71925 broke the chrome new tab page. r71925 blocked drag and drop
        of same security origin objects onto themselves if their origin is
        marked unique. We need to allow drag and drop in that scenario.
        https://bugs.webkit.org/show_bug.cgi?id=49098

        Test: http/tests/security/drag-drop-same-unique-origin.html

        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canReceiveDragData):
2010-11-23  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        Tests that drag and drop is allowed across the same security origin object,
        even if they are marked unique.

        * http/tests/security/drag-drop-same-unique-origin-expected.txt: Added.
        * http/tests/security/drag-drop-same-unique-origin.html: Added.
        * http/tests/security/resources/drag-drop-allowed.html: Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@72644 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 0dd6d60f
2010-11-23 Abhishek Arya <inferno@chromium.org>
Reviewed by Adam Barth.
Tests that drag and drop is allowed across the same security origin object,
even if they are marked unique.
* http/tests/security/drag-drop-same-unique-origin-expected.txt: Added.
* http/tests/security/drag-drop-same-unique-origin.html: Added.
* http/tests/security/resources/drag-drop-allowed.html: Added.
2010-11-23 Ryosuke Niwa <rniwa@webkit.org>
Unreviewed update of GTK's skipped list.
<html>
<head>
<script>
if (window.layoutTestController) {
layoutTestController.waitUntilDone();
layoutTestController.dumpAsText();
}
</script>
</head>
<body>
<iframe src="http://127.0.0.1:8000/security/resources/drag-drop-allowed.html" sandbox="allow-scripts"></iframe>
</body>
</html>
<html>
<body onload="runTest()">
<div contenteditable>drag<img src=abe.png id=dragme>me<span id=target>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span></div>
<script>
function moveToCenter(element) {
var x, y;
x = element.offsetLeft + element.offsetWidth / 2;
y = element.offsetTop + element.offsetHeight / 2;
eventSender.mouseMoveTo(x, y);
}
function runTest() {
e = document.getElementById("dragme");
moveToCenter(e);
eventSender.mouseDown();
e = document.getElementById("target");
moveToCenter(e);
eventSender.mouseUp();
if (document.getElementById("dragme").parentNode.tagName == "SPAN" && document.getElementById("dragme").src.length > 10)
alert("PASS");
else
alert("FAIL");
layoutTestController.notifyDone();
}
</script>
</body>
</html>
2010-11-22 Abhishek Arya <inferno@chromium.org>
Reviewed by Adam Barth.
r71925 broke the chrome new tab page. r71925 blocked drag and drop
of same security origin objects onto themselves if their origin is
marked unique. We need to allow drag and drop in that scenario.
https://bugs.webkit.org/show_bug.cgi?id=49098
Test: http/tests/security/drag-drop-same-unique-origin.html
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canReceiveDragData):
2010-11-23 Cris Neckar <cdn@chromium.org>
Reviewed by Dimitri Glazkov.
......@@ -275,6 +275,9 @@ bool SecurityOrigin::taintsCanvas(const KURL& url) const
bool SecurityOrigin::canReceiveDragData(const SecurityOrigin* dragInitiator) const
{
if (this == dragInitiator)
return true;
// FIXME: Currently we treat data URLs as having a unique origin, contrary to the
// current (9/19/2009) draft of the HTML5 specification. We still want to allow
// drop across data URLs, so we special case data URLs below. If we change to
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment