ma1 pushed to branch mullvad-browser-115.14.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser

Commits: 56186dd9 by hackademix at 2024-08-22T00:37:37+02:00 fixup! Bug 42835: Create an actor to filter file data transfers

Bug 43064: Make file filtering more specific

- - - - -

1 changed file:

- toolkit/actors/FilesFilterChild.sys.mjs

Changes:

===================================== toolkit/actors/FilesFilterChild.sys.mjs ===================================== @@ -12,11 +12,14 @@ ChromeUtils.defineLazyGetter(lazy, "console", () => {

export class FilesFilterChild extends JSWindowActorChild { handleEvent(event) { + if (!Services.prefs.getBoolPref("browser.filesfilter.enabled", true)) { + return; + } // drop or paste const { composedTarget } = event; const dt = event.clipboardData || event.dataTransfer;

- if (dt.files.length) { + if ([...dt.files].some(f => f.mozFullPath)) { if ( ["HTMLInputElement", "HTMLTextAreaElement"].includes( ChromeUtils.getClassName(composedTarget) @@ -25,7 +28,7 @@ export class FilesFilterChild extends JSWindowActorChild { event.preventDefault(); lazy.console.log( `Preventing path leak on ${event.type} for ${[...dt.files] - .map(f => f.name) + .map(f => `${f.name} (${f.mozFullPath})`) .join(", ")}.` ); } @@ -33,7 +36,7 @@ export class FilesFilterChild extends JSWindowActorChild { }

// "Paste Without Formatting" (ctrl+shift+V) in HTML editors coerces files into paths - if (!(event.clipboardData && dt.getData("text"))) { + if (!(event.clipboardData && /[/\]/.test(dt.getData("text")))) { return; }

View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5618...