Closed
Bug 184509
Opened 23 years ago
Closed 22 years ago
midas - unable to insert html (cmd_insertHTML)
Categories
(Core :: DOM: Editor, defect)
Core
DOM: Editor
Tracking
()
RESOLVED
FIXED
mozilla1.5alpha
People
(Reporter: Brade, Assigned: Brade)
Details
(Whiteboard: midas)
Attachments
(2 files, 1 obsolete file)
|
400 bytes,
text/html
|
Details | |
|
2.51 KB,
patch
|
mkaply
:
review+
kinmoz
:
superreview+
mkaply
:
approval1.4+
|
Details | Diff | Splinter Review |
Midas needs to be able to insert a table
|
Assignee | |
Updated•23 years ago
|
Status: NEW → ASSIGNED
Whiteboard: midas
|
||
Comment 1•23 years ago
|
||
Here's an example of how this works in IE:
var cursorPos =
this.opener.docView.document.selection.createRange().duplicate();
cursorPos.pasteHTML( tbl );
So what's missing is the ability to do an arbitrary paste of HTML.
|
|
Assignee | |
Comment 2•23 years ago
|
||
I'm not sure how we want to do this. I understand wanting to insert a table but
we can't allow arbitrary html to be inserted since I'm pretty sure there would
be exploits (e.g. iframe with src=file:///quickenfile.txt)
What tags can we not allow to be inserted? is IFRAME the only problematic tag?
Summary: midas - unable to insert a table → midas - unable to insert html (cmd_insertHTML)
|
|
||
Comment 3•23 years ago
|
||
I'm sorry, I still don't understand the exploit scenario.
Just inserting HTML into the iframe wouldn't cause anything to happen...
|
||
Comment 4•23 years ago
|
||
Sure it would, if the HTML that's inserted contains a <SCRIPT> tag, or an
<IFRAME SRC="javascript:DoSomethingAnnoying()">. The issue here is the
same-origin sandbox. It's OK for a script from site A to add arbitrary HTML to a
page that was also served from site A, but not to a page from site B (eg. your
bank site). AFAIK, that's already the case, so we shouldn't have any problem
here, right Kathy?
This isn't a paste from the Clipboard, is it? We don't want to allow that.
|
||
Comment 5•23 years ago
|
||
It is already possible insert any html using dom, and having a simple way to do
so at the current location of the cursor would be very usefull.
Example: The current way to make a link has you type in text, then highlight it
and then you get a popup for the url. It is much more commen and user friendly
(imho) to have both the text and url in the popup and the link added to the
location of the cursor. A inserHTML type command would make this much easier to
implement.
|
|
||
Updated•23 years ago
|
|
|
||
Comment 6•22 years ago
|
||
Mitch - so do you see anything insecure with allowing this? I could easily add
a new script element using pure DOM without this command available - it just
makes it easier for people to add their own "semantic" tags into their composition.
|
|
||
Comment 7•22 years ago
|
||
Sounds OK as long as only a script from the same host as the page being edited
can insert HTML - please verify that.
|
|
||
Comment 8•22 years ago
|
||
Can someone post a patch to turn on html insertion via midas so I can test
mstoltz's concerns?
|
|
||
Comment 9•22 years ago
|
||
should this go into 1.4 final?
|
|
Assignee | |
Comment 11•22 years ago
|
||
|
|
||
Comment 12•22 years ago
|
||
Testcase
|
|
Assignee | |
Comment 13•22 years ago
|
||
This patch works but doesn't check the content being inserted for bad things
(not sure if they're really needed); will test more tomorrow
Attachment #124484 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•22 years ago
|
Attachment #124506 -
Flags: superreview?(sfraser)
Attachment #124506 -
Flags: review?(mkaply)
|
|
||
Comment 14•22 years ago
|
||
Comment on attachment 124506 [details] [diff] [review]
patch that works
sr=kin@netscape.com
==== We're not currently sending cstrings, so does this comment still apply?
+ // for inserthtml and fontface, we should send utf8 strings not cstrings
==== The checks would probably be made in editor core, so I wouldn't put this
comment in nsDocument.cpp:
+ // do some checks here for <frame>, <body>, <html>, others?
Attachment #124506 -
Flags: superreview?(sfraser) → superreview+
|
|
||
Comment 15•22 years ago
|
||
Comment on attachment 124506 [details] [diff] [review]
patch that works
r=mkaply
Attachment #124506 -
Flags: review?(mkaply) → review+
|
|
Assignee | |
Comment 16•22 years ago
|
||
Comment on attachment 124506 [details] [diff] [review]
patch that works
seeking 1.4 approval after this has baked on the trunk.
Attachment #124506 -
Flags: approval1.4?
|
|
Assignee | |
Comment 17•22 years ago
|
||
fixed for 1.5a
Documentation also updated. (mozilla/editor/docs/midas-spec.html)
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.4final
|
|
||
Comment 18•22 years ago
|
||
Comment on attachment 124506 [details] [diff] [review]
patch that works
a=mkaply for 1.4
Attachment #124506 -
Flags: approval1.4? → approval1.4+
|
|
||
Comment 19•22 years ago
|
||
did this ever land in 1.4?
|
|
Assignee | |
Comment 20•22 years ago
|
||
Doron--I believe mkaply was going to land this for 1.4 but from what I see it
did not land in the 1.4 tree (yet). It landed as revision 3.487 to
nsHTMLDocument.cpp on the trunk.
Resetting milestone to avoid confusion. If mkaply or someone else fixes for 1.4
branch, we can reset milestone to 1.4final again.
Target Milestone: mozilla1.4final → mozilla1.5alpha
|
|
||
Comment 21•22 years ago
|
||
I didn't realize this one was mine to checkin. I just approved it. Dang.
You need to log in
before you can comment on or make changes to this bug.
Description
•