Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-09 03:15:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1370630 - Untrusted submit event shouldn't trigger form submission; r=smaug

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D28070

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Stone Shih 2019-05-23 20:30:20 +00:00
parent 047e98938e
commit 946b97b939
3 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
dom/events/test/mochitest.ini
View File

@ -219,3 +219,4 @@ skip-if = toolkit == 'android' # Bug 1312791
[test_slotted_mouse_event.html]
[test_slotted_text_click.html]
[test_unbound_before_in_active_chain.html]
[test_submitevent_on_form.html]

37
dom/events/test/test_submitevent_on_form.html Normal file
View File

@ -0,0 +1,37 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Test submit event on form</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<form action="javascript:doDefault()" id="form">
<input type="submit" value="Do Default Action">
</form>
<pre id="test">
<script type="application/javascript">
SimpleTest.waitForExplicitFinish();
SimpleTest.waitForFocus(runTests);
var doDefaultAction = false;
function doDefault()
{
doDefaultAction = true;
}
function runTests()
{
let form = document.getElementById("form");
form.dispatchEvent(new Event('submit'));
setTimeout(() => {
ok(!doDefaultAction, "untrusted submit event shouldn't trigger form default action");
SimpleTest.finish();
});
}
</script>
</pre>
</body>
</html>

10
dom/html/HTMLFormElement.cpp
View File

@ -405,7 +405,10 @@ void HTMLFormElement::UnbindFromTree(bool aDeep, bool aNullParent) {
void HTMLFormElement::GetEventTargetParent(EventChainPreVisitor& aVisitor) {
aVisitor.mWantsWillHandleEvent = true;
if (aVisitor.mEvent->mOriginalTarget == static_cast<nsIContent*>(this)) {
// According to the UI events spec section "Trusted events", we shouldn't
// trigger UA default action with an untrusted event except click.
if (aVisitor.mEvent->mOriginalTarget == static_cast<nsIContent*>(this) &&
aVisitor.mEvent->IsTrusted()) {
uint32_t msg = aVisitor.mEvent->mMessage;
if (msg == eFormSubmit) {
if (mGeneratingSubmit) {
@ -442,7 +445,10 @@ void HTMLFormElement::WillHandleEvent(EventChainPostVisitor& aVisitor) {
}
nsresult HTMLFormElement::PostHandleEvent(EventChainPostVisitor& aVisitor) {
if (aVisitor.mEvent->mOriginalTarget == static_cast<nsIContent*>(this)) {
// According to the UI events spec section "Trusted events", we shouldn't
// trigger UA default action with an untrusted event except click.
if (aVisitor.mEvent->mOriginalTarget == static_cast<nsIContent*>(this) &&
aVisitor.mEvent->IsTrusted()) {
EventMessage msg = aVisitor.mEvent->mMessage;
if (msg == eFormSubmit) {
// let the form know not to defer subsequent submissions