diff --git a/dom/events/DataTransfer.cpp b/dom/events/DataTransfer.cpp index 51df5133e807..243b102d430a 100644 --- a/dom/events/DataTransfer.cpp +++ b/dom/events/DataTransfer.cpp @@ -570,21 +570,17 @@ bool DataTransfer::PrincipalMaySetData(const nsAString& aType, return false; } - if (aType.EqualsASCII(kFileMime) || aType.EqualsASCII(kFilePromiseMime)) { - NS_WARNING( - "Disallowing adding x-moz-file or x-moz-file-promize types to " - "DataTransfer"); - return false; - } - - // Disallow content from creating x-moz-place flavors, so that it cannot - // create fake Places smart queries exposing user data, but give a free - // pass to WebExtensions. - auto principal = BasePrincipal::Cast(aPrincipal); - if (!principal->AddonPolicy() && - StringBeginsWith(aType, u"text/x-moz-place"_ns)) { - NS_WARNING("Disallowing adding moz-place types to DataTransfer"); - return false; + // Don't allow adding internal types of the form */x-moz-*, but + // special-case the url types as they are simple variations of urls. + // In addition, allow x-moz-place flavors to be added by WebExtensions. + if (FindInReadable(kInternal_Mimetype_Prefix, aType) && + !StringBeginsWith(aType, u"text/x-moz-url"_ns)) { + auto principal = BasePrincipal::Cast(aPrincipal); + if (!principal->AddonPolicy() || + !StringBeginsWith(aType, u"text/x-moz-place"_ns)) { + NS_WARNING("Disallowing adding this type to DataTransfer"); + return false; + } } } diff --git a/widget/nsITransferable.idl b/widget/nsITransferable.idl index 5a429b8cb7c3..71f611cb227a 100644 --- a/widget/nsITransferable.idl +++ b/widget/nsITransferable.idl @@ -14,12 +14,17 @@ interface nsIPrincipal; %{ C++ +// Internal formats must have their second part starting with 'x-moz-', +// for example text/x-moz-internaltype. These cannot be assigned by +// unprivileged content but all other types can. +#define kInternal_Mimetype_Prefix u"/x-moz-"_ns + // these probably shouldn't live here, but in some central repository shared // by the entire app. #define kTextMime "text/plain" #define kRTFMime "text/rtf" #define kUnicodeMime "text/unicode" -#define kMozTextInternal "text/x-moz-text-internal" // text data which isn't suppoed to be parsed by other apps. +#define kMozTextInternal "text/x-moz-text-internal" // text data which isn't suppoed to be parsed by other apps. #define kHTMLMime "text/html" #define kAOLMailMime "AOLMAIL" #define kPNGImageMime "image/png" @@ -46,7 +51,7 @@ interface nsIPrincipal; // local application handler for the request's MIME type accepts images with // the given filename extension (from kFilePromiseDestFilename). When the // image is dragged out, we replace the extension with a compatible extension. -#define kImageRequestMime "text/_moz_requestmime" +#define kImageRequestMime "text/x-moz-requestmime" // the source URL for a file promise #define kFilePromiseURLMime "application/x-moz-file-promise-url"