Bug 383252: Cannot drag / drop URL or link onto tabbar, r=mconnor

When SeaMonkey switched to toolkit's nsDragAndDrop.js, it lost the dragDropSecurityCheck method, which for SM was on nsDragAndDrop, but for FF was on tabbrowser.

Moving that method from tabbrowser to toolkit's nsDragAndDrop.js, and cleaning it up a little.
This commit is contained in:
jag%tty.nl 2007-08-22 05:06:11 +00:00
Родитель 753d3cae17
Коммит d3380231f0
1 изменённых файлов: 2 добавлений и 46 удалений

Просмотреть файл

@ -1912,7 +1912,7 @@
/^\s*(javascript|data):/.test(url))
return;
this.dragDropSecurityCheck(aEvent, aDragSession, url);
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, url);
var bgLoad = true;
try {
@ -2310,51 +2310,7 @@
<parameter name="aUri"/>
<body>
<![CDATA[
// Do a security check for drag n' drop. Make sure the
// source document can load the dragged link.
var sourceDoc = aDragSession.sourceDocument;
if (sourceDoc) {
// Strip leading and trailing whitespace, then try to
// create a URI from the dropped string. If that
// succeeds, we're dropping a URI and we need to do a
// security check to make sure the source document can
// load the dropped URI. We don't so much care about
// creating the real URI here (i.e. encoding differences
// etc don't matter), we just want to know if aUri
// really is a URI.
var uriStr = aUri.replace(/^\s*|\s*$/g, '');
var uri = null;
try {
uri = Components.classes["@mozilla.org/network/io-service;1"]
.getService(Components.interfaces.nsIIOService)
.newURI(uriStr, null, null);
} catch (e) {
}
if (uri) {
// aUri is a URI, do the security check.
var sourceURI = sourceDoc.documentURI;
const nsIScriptSecurityManager =
Components.interfaces.nsIScriptSecurityManager;
var secMan =
Components.classes["@mozilla.org/scriptsecuritymanager;1"]
.getService(nsIScriptSecurityManager);
try {
secMan.checkLoadURIStr(sourceURI, uriStr,
nsIScriptSecurityManager.STANDARD);
} catch (e) {
// Stop event propagation right here.
aEvent.stopPropagation();
throw "Drop of " + aUri + " denied.";
}
}
}
nsDragAndDrop.dragDropSecurityCheck(aEvent, aDragSession, aUri);
]]>
</body>
</method>