The Tor Browser: content/base/src/contentAreaDropListener.js@deefc01c0e14 (annotated)

content/base/src/contentAreaDropListener.js@deefc01c0e14 (annotated)

content/base/src/contentAreaDropListener.js

Thu, 15 Jan 2015 21:03:48 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 15 Jan 2015 21:03:48 +0100
branch: TOR_BUG_9701
changeset 11: deefc01c0e14
permissions: -rw-r--r--

Integrate friendly tips from Tor colleagues to make (or not) 4.5 alpha 3;
This includes removal of overloaded (but unused) methods, and addition of
a overlooked call to DataStruct::SetData(nsISupports, uint32_t, bool.)

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 // This component is used for handling dragover and drop of urls.
 //
 // It checks to see whether a drop of a url is allowed. For instance, a url
 // cannot be dropped if it is not a valid uri or the source of the drag cannot
 // access the uri. This prevents, for example, a source document from tricking
 // the user into dragging a chrome url.
 function ContentAreaDropListener() { };
 ContentAreaDropListener.prototype =
 {
   classID:          Components.ID("{1f34bc80-1bc7-11d6-a384-d705dd0746fc}"),
   QueryInterface:   XPCOMUtils.generateQI([Ci.nsIDroppedLinkHandler, Ci.nsISupports]),
   _getDropURL : function (dt)
   {
     let types = dt.types;
     for (let t = 0; t < types.length; t++) {
       let type = types[t];
       switch (type) {
         case "text/uri-list":
           var url = dt.getData("URL").replace(/^\s+|\s+$/g, "");
           return [url, url];
         case "text/plain":
         case "text/x-moz-text-internal":
           var url = dt.getData(type).replace(/^\s+|\s+$/g, "");
           return [url, url];
         case "text/x-moz-url":
           return dt.getData(type).split("\n");
       }
     }
     // For shortcuts, we want to check for the file type last, so that the
     // url pointed to in one of the url types is found first before the file
     // type, which points to the actual file.
     let file = dt.mozGetDataAt("application/x-moz-file", 0);
     if (file instanceof Ci.nsIFile) {
       let ioService = Cc["@mozilla.org/network/io-service;1"].
                         getService(Ci.nsIIOService);
       let fileHandler = ioService.getProtocolHandler("file")
                                  .QueryInterface(Ci.nsIFileProtocolHandler);
       return [fileHandler.getURLSpecFromFile(file), file.leafName];
     }
     return [ ];
   },
   _validateURI: function(dataTransfer, uriString, disallowInherit)
   {
     if (!uriString)
       return "";
     // Strip leading and trailing whitespace, then try to create a
     // URI from the dropped string. If that succeeds, we're
     // dropping a URI and we need to do a security check to make
     // sure the source document can load the dropped URI.
     uriString = uriString.replace(/^\s*|\s*$/g, '');
     let uri;
     let ioService = Cc["@mozilla.org/network/io-service;1"]
                       .getService(Components.interfaces.nsIIOService);
     try {
       // Check that the uri is valid first and return an empty string if not.
       // It may just be plain text and should be ignored here
       uri = ioService.newURI(uriString, null, null);
     } catch (ex) { }
     if (!uri)
       return uriString;
     // uriString is a valid URI, so do the security check.
     let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].
                    getService(Ci.nsIScriptSecurityManager);
     let sourceNode = dataTransfer.mozSourceNode;
     let flags = secMan.STANDARD;
     if (disallowInherit)
       flags |= secMan.DISALLOW_INHERIT_PRINCIPAL;
     // Use file:/// as the default uri so that drops of file URIs are always allowed
     let principal = sourceNode ? sourceNode.nodePrincipal
                                : secMan.getSimpleCodebasePrincipal(ioService.newURI("file:///", null, null));
     secMan.checkLoadURIStrWithPrincipal(principal, uriString, flags);
     return uriString;
   },
   canDropLink: function(aEvent, aAllowSameDocument)
   {
     if (this._eventTargetIsDisabled(aEvent))
       return false;
     let dataTransfer = aEvent.dataTransfer;
     let types = dataTransfer.types;
     if (!types.contains("application/x-moz-file") &&
         !types.contains("text/x-moz-url") &&
         !types.contains("text/uri-list") &&
         !types.contains("text/x-moz-text-internal") &&
         !types.contains("text/plain"))
       return false;
     if (aAllowSameDocument)
       return true;
     let sourceNode = dataTransfer.mozSourceNode;
     if (!sourceNode)
       return true;
     // don't allow a drop of a node from the same document onto this one
     let sourceDocument = sourceNode.ownerDocument;
     let eventDocument = aEvent.originalTarget.ownerDocument;
     if (sourceDocument == eventDocument)
       return false;
     // also check for nodes in other child or sibling frames by checking
     // if both have the same top window.
     if (sourceDocument && eventDocument) {
       let sourceRoot = sourceDocument.defaultView.top;
       if (sourceRoot && sourceRoot == eventDocument.defaultView.top)
         return false;
     }
     return true;
   },
   dropLink: function(aEvent, aName, aDisallowInherit)
   {
     aName.value = "";
     if (this._eventTargetIsDisabled(aEvent))
       return "";
     let dataTransfer = aEvent.dataTransfer;
     let [url, name] = this._getDropURL(dataTransfer);
     try {
       url = this._validateURI(dataTransfer, url, aDisallowInherit);
     } catch (ex) {
       aEvent.stopPropagation();
       aEvent.preventDefault();
       throw ex;
     }
     if (name)
       aName.value = name;
     return url;
   },
   _eventTargetIsDisabled: function(aEvent)
   {
     let ownerDoc = aEvent.originalTarget.ownerDocument;
     if (!ownerDoc || !ownerDoc.defaultView)
       return false;
     return ownerDoc.defaultView
                    .QueryInterface(Components.interfaces.nsIInterfaceRequestor)
                    .getInterface(Components.interfaces.nsIDOMWindowUtils)
                    .isNodeDisabledForEvents(aEvent.originalTarget);
   }
 };
 var components = [ContentAreaDropListener];
 this.NSGetFactory = XPCOMUtils.generateNSGetFactory(components);