feat: route deprecated sync clipboard read through permission checks (#45471)
* feat: route deprecated clipboard commands through permission checks Co-authored-by: deepak1556 <hop2deep@gmail.com> * docs: address review feedback Co-authored-by: deepak1556 <hop2deep@gmail.com> * fix: enable checks for child windows Co-authored-by: deepak1556 <hop2deep@gmail.com> --------- Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: deepak1556 <hop2deep@gmail.com>
This commit is contained in:
trop[bot]
GitHub
parent
51170c3652
commit
46c9ed61da
30 changed files with 441 additions and 35 deletions
|
|
@ -128,7 +128,7 @@ fix_font_face_resolution_when_renderer_is_blocked.patch
|
|||
feat_enable_passing_exit_code_on_service_process_crash.patch
|
||||
chore_remove_reference_to_chrome_browser_themes.patch
|
||||
feat_enable_customizing_symbol_color_in_framecaptionbutton.patch
|
||||
build_expose_webplugininfo_interface_to_electron.patch
|
||||
build_allow_electron_mojom_interfaces_to_depend_on_blink.patch
|
||||
osr_shared_texture_remove_keyed_mutex_on_win_dxgi.patch
|
||||
feat_allow_usage_of_sccontentsharingpicker_on_supported_platforms.patch
|
||||
chore_partial_revert_of.patch
|
||||
|
|
@ -140,3 +140,4 @@ build_add_public_config_simdutf_config.patch
|
|||
revert_code_health_clean_up_stale_macwebcontentsocclusion.patch
|
||||
feat_add_signals_when_embedder_cleanup_callbacks_run_for.patch
|
||||
build_remove_vr_directx_helpers_dependency.patch
|
||||
feat_separate_content_settings_callback_for_sync_and_async_clipboard.patch
|
||||
|
|
|
|||
|
|
@ -1,20 +1,24 @@
|
|||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: deepak1556 <hop2deep@gmail.com>
|
||||
Date: Fri, 9 Aug 2024 22:39:47 +0900
|
||||
Subject: build: expose webplugininfo interface to electron
|
||||
Subject: build: allow electron mojom interfaces to depend on blink
|
||||
mojom_platform
|
||||
|
||||
Allows implementing electron::mojom::ElectronPluginInfoHost interface
|
||||
which provides plugin details between browser<->renderer.
|
||||
Needed for:
|
||||
|
||||
1) //electron/shell/common:plugin
|
||||
2) //electron/shell/common:web_contents_utility
|
||||
|
||||
diff --git a/content/public/common/BUILD.gn b/content/public/common/BUILD.gn
|
||||
index 659f500a47eb0f2d1f753dee2b234bb7bf1027d4..46e4714e14a5992b30ea8bfa99c126e5f1d2c3eb 100644
|
||||
index 659f500a47eb0f2d1f753dee2b234bb7bf1027d4..8f6e733b1ae1081f19a090cbdf2372b164e514a8 100644
|
||||
--- a/content/public/common/BUILD.gn
|
||||
+++ b/content/public/common/BUILD.gn
|
||||
@@ -379,6 +379,7 @@ mojom("interfaces") {
|
||||
@@ -379,6 +379,8 @@ mojom("interfaces") {
|
||||
"//content/common/*",
|
||||
"//extensions/common:mojom",
|
||||
"//extensions/common:mojom_blink",
|
||||
+ "//electron/shell/common:plugin",
|
||||
+ "//electron/shell/common:web_contents_utility",
|
||||
]
|
||||
|
||||
sources = [
|
||||
|
|
@ -0,0 +1,114 @@
|
|||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: deepak1556 <hop2deep@gmail.com>
|
||||
Date: Thu, 30 Jan 2025 20:28:38 +0900
|
||||
Subject: feat: separate content settings callback for sync and async clipboard
|
||||
|
||||
`AllowReadFromClipboard` is called from both the types without a way to differentiate.
|
||||
|
||||
[sync path] - third_party/blink/renderer/core/editing/commands/clipboard_commands.cc
|
||||
[async path] - third_party/blink/renderer/modules/clipboard/clipboard_promise.cc
|
||||
|
||||
This patch adds a new callback to separate these two paths so that we
|
||||
can have sync permission checks for the sync path.
|
||||
|
||||
Additionally, `blink::PermissionType::DEPRECATED_SYNC_CLIPBOARD_READ`
|
||||
has been added to support type conversion in permission policy checks. We have extended
|
||||
`blink::PermissionType` in `electron::WebContentsPermissionHelper::PermissionType`
|
||||
but it is hard to import the latter into the content permission layer checks.
|
||||
|
||||
This patch will be removed when the deprecated sync api support is
|
||||
removed.
|
||||
|
||||
diff --git a/components/permissions/permission_util.cc b/components/permissions/permission_util.cc
|
||||
index 0265815ae3b300c1c0637686e212d3a1c55fdd1b..eb7ea287de24a2563604e639de3bb783d80d98eb 100644
|
||||
--- a/components/permissions/permission_util.cc
|
||||
+++ b/components/permissions/permission_util.cc
|
||||
@@ -384,6 +384,7 @@ ContentSettingsType PermissionUtil::PermissionTypeToContentSettingsTypeSafe(
|
||||
return ContentSettingsType::AUTOMATIC_FULLSCREEN;
|
||||
case PermissionType::WEB_APP_INSTALLATION:
|
||||
return ContentSettingsType::WEB_APP_INSTALLATION;
|
||||
+ case PermissionType::DEPRECATED_SYNC_CLIPBOARD_READ:
|
||||
case PermissionType::NUM:
|
||||
break;
|
||||
}
|
||||
diff --git a/content/browser/permissions/permission_controller_impl.cc b/content/browser/permissions/permission_controller_impl.cc
|
||||
index e991887c103618b35688cf72307ca05fdb202e6e..54894f3412d42264eae80d767be5215e52f08184 100644
|
||||
--- a/content/browser/permissions/permission_controller_impl.cc
|
||||
+++ b/content/browser/permissions/permission_controller_impl.cc
|
||||
@@ -86,6 +86,7 @@ PermissionToSchedulingFeature(PermissionType permission_name) {
|
||||
case PermissionType::POINTER_LOCK:
|
||||
case PermissionType::AUTOMATIC_FULLSCREEN:
|
||||
case PermissionType::WEB_APP_INSTALLATION:
|
||||
+ case PermissionType::DEPRECATED_SYNC_CLIPBOARD_READ:
|
||||
return std::nullopt;
|
||||
}
|
||||
}
|
||||
diff --git a/third_party/blink/common/permissions/permission_utils.cc b/third_party/blink/common/permissions/permission_utils.cc
|
||||
index dfcd99a4336db5c5b8b722c6612b8abbf419a08f..9f074285203e6ee408abf8275f3070221b0d25c0 100644
|
||||
--- a/third_party/blink/common/permissions/permission_utils.cc
|
||||
+++ b/third_party/blink/common/permissions/permission_utils.cc
|
||||
@@ -99,6 +99,8 @@ std::string GetPermissionString(PermissionType permission) {
|
||||
return "AutomaticFullscreen";
|
||||
case PermissionType::WEB_APP_INSTALLATION:
|
||||
return "WebAppInstallation";
|
||||
+ case PermissionType::DEPRECATED_SYNC_CLIPBOARD_READ:
|
||||
+ return "DeprecatedSyncClipboardRead";
|
||||
case PermissionType::NUM:
|
||||
NOTREACHED();
|
||||
}
|
||||
@@ -171,6 +173,7 @@ PermissionTypeToPermissionsPolicyFeature(PermissionType permission) {
|
||||
case PermissionType::NOTIFICATIONS:
|
||||
case PermissionType::KEYBOARD_LOCK:
|
||||
case PermissionType::POINTER_LOCK:
|
||||
+ case PermissionType::DEPRECATED_SYNC_CLIPBOARD_READ:
|
||||
return std::nullopt;
|
||||
|
||||
case PermissionType::NUM:
|
||||
diff --git a/third_party/blink/public/common/permissions/permission_utils.h b/third_party/blink/public/common/permissions/permission_utils.h
|
||||
index ae03b7f099d30c157cfda7d1beb7c535d3615471..ca287e7a5271ee83c393de6c1fe347973f4292ba 100644
|
||||
--- a/third_party/blink/public/common/permissions/permission_utils.h
|
||||
+++ b/third_party/blink/public/common/permissions/permission_utils.h
|
||||
@@ -64,6 +64,7 @@ enum class PermissionType {
|
||||
AUTOMATIC_FULLSCREEN = 40,
|
||||
HAND_TRACKING = 41,
|
||||
WEB_APP_INSTALLATION = 42,
|
||||
+ DEPRECATED_SYNC_CLIPBOARD_READ = 43,
|
||||
|
||||
// Always keep this at the end.
|
||||
NUM,
|
||||
diff --git a/third_party/blink/public/platform/web_content_settings_client.h b/third_party/blink/public/platform/web_content_settings_client.h
|
||||
index 28f616f21f998c7cd1c794e58efaccf9e6c11e6e..c64896642209124e500db2ed6fe2357e426cd10b 100644
|
||||
--- a/third_party/blink/public/platform/web_content_settings_client.h
|
||||
+++ b/third_party/blink/public/platform/web_content_settings_client.h
|
||||
@@ -55,6 +55,9 @@ class WebContentSettingsClient {
|
||||
// Controls whether access to write the clipboard is allowed for this frame.
|
||||
virtual bool AllowWriteToClipboard() { return false; }
|
||||
|
||||
+ // Controls whether synchronous access to read the clipboard is allowed for this frame.
|
||||
+ virtual bool AllowReadFromClipboardSync() { return false; }
|
||||
+
|
||||
// Controls whether to enable MutationEvents for this frame.
|
||||
// The common use case of this method is actually to selectively disable
|
||||
// MutationEvents, but it's been named for consistency with the rest of the
|
||||
diff --git a/third_party/blink/renderer/core/editing/commands/clipboard_commands.cc b/third_party/blink/renderer/core/editing/commands/clipboard_commands.cc
|
||||
index 271ca7ba88fc92b8f6bad5ee4cffedf7f1b05aee..d8d01062de4af45a59eb10a1c0fa046a4adf1894 100644
|
||||
--- a/third_party/blink/renderer/core/editing/commands/clipboard_commands.cc
|
||||
+++ b/third_party/blink/renderer/core/editing/commands/clipboard_commands.cc
|
||||
@@ -121,7 +121,7 @@ bool ClipboardCommands::CanReadClipboard(LocalFrame& frame,
|
||||
return true;
|
||||
}
|
||||
return frame.GetContentSettingsClient() &&
|
||||
- frame.GetContentSettingsClient()->AllowReadFromClipboard();
|
||||
+ frame.GetContentSettingsClient()->AllowReadFromClipboardSync();
|
||||
}
|
||||
|
||||
bool ClipboardCommands::CanWriteClipboard(LocalFrame& frame,
|
||||
@@ -310,7 +310,7 @@ bool ClipboardCommands::PasteSupported(LocalFrame* frame) {
|
||||
return true;
|
||||
}
|
||||
return frame->GetContentSettingsClient() &&
|
||||
- frame->GetContentSettingsClient()->AllowReadFromClipboard();
|
||||
+ frame->GetContentSettingsClient()->AllowReadFromClipboardSync();
|
||||
}
|
||||
|
||||
bool ClipboardCommands::ExecuteCopy(LocalFrame& frame,
|
||||
Loading…
Add table
Add a link
Reference in a new issue