Check whether events are trusted before executing listeners

author: mrmr1993 2017-08-18 18:41:51 +0100
committer: mrmr1993 2017-08-18 18:51:45 +0100
commit: d946a98df10bf1ae5bb02e5cd7eaa2a0c3a06aad (patch)
tree: d8a6ed02e1efacf43c245b336eb36c04df27402d
parent: 696feed903fe815af50c89b1badbb1e5680d6921 (diff)
download: vimium-d946a98df10bf1ae5bb02e5cd7eaa2a0c3a06aad.tar.bz2
6 files changed, 26 insertions, 14 deletions
diff --git a/content_scripts/mode_find.coffee b/content_scripts/mode_find.coffee
index 77d3762d..5a2da741 100644
--- a/content_scripts/mode_find.coffee
+++ b/content_scripts/mode_find.coffee
@@ -199,7 +199,7 @@ class FindMode extends Mode
 
     result
 
-  @restoreDefaultSelectionHighlight: -> document.body.classList.remove("vimiumFindMode")
+  @restoreDefaultSelectionHighlight: forTrusted -> document.body.classList.remove("vimiumFindMode")
 
   checkReturnToViewPort: ->
     window.scrollTo @scrollX, @scrollY if @options.returnToViewport
diff --git a/content_scripts/mode_insert.coffee b/content_scripts/mode_insert.coffee
index a4f1836d..1dc66d52 100644
--- a/content_scripts/mode_insert.coffee
+++ b/content_scripts/mode_insert.coffee
@@ -65,7 +65,7 @@ class InsertMode extends Mode
           eventListeners = {}
           for type in [ "focus", "blur" ]
             eventListeners[type] = do (type) ->
-              (event) -> handlerStack.bubbleEvent type, event
+              forTrusted (event) -> handlerStack.bubbleEvent type, event
             shadowRoot.addEventListener type, eventListeners[type], true
 
           handlerStack.push
diff --git a/content_scripts/vimium_frontend.coffee b/content_scripts/vimium_frontend.coffee
index e84346e1..dae25f5c 100644
--- a/content_scripts/vimium_frontend.coffee
+++ b/content_scripts/vimium_frontend.coffee
@@ -10,8 +10,10 @@ normalMode = null
 windowIsFocused = do ->
   windowHasFocus = null
   DomUtils.documentReady -> windowHasFocus = document.hasFocus()
-  window.addEventListener "focus", (event) -> windowHasFocus = true if event.target == window; true
-  window.addEventListener "blur", (event) -> windowHasFocus = false if event.target == window; true
+  window.addEventListener "focus", forTrusted (event) ->
+    windowHasFocus = true if event.target == window; true
+  window.addEventListener "blur", forTrusted (event) ->
+    windowHasFocus = false if event.target == window; true
   -> windowHasFocus
 
 # The types in <input type="..."> that we consider for focusInput command. Right now this is recalculated in
@@ -193,9 +195,9 @@ initializePreDomReady = ->
 
 # Wrapper to install event listeners.  Syntactic sugar.
 installListener = (element, event, callback) ->
-  element.addEventListener(event, ->
+  element.addEventListener(event, forTrusted(->
     if isEnabledForUrl then callback.apply(this, arguments) else true
-  , true)
+  ), true)
 
 #
 # Installing or uninstalling listeners is error prone. Instead we elect to check isEnabledForUrl each time so
@@ -216,7 +218,7 @@ installListeners = Utils.makeIdempotent ->
 # - Tell the background page this frame's URL.
 # - Check if we should be enabled.
 #
-onFocus = (event) ->
+onFocus = forTrusted (event) ->
   if event.target == window
     chrome.runtime.sendMessage handler: "frameFocused"
     checkIfEnabledForUrl true
@@ -248,9 +250,9 @@ Frame =
         window.removeEventListener "focus", focusHandler
         window.removeEventListener "resize", resizeHandler
         Frame.postMessage "registerFrame"
-      window.addEventListener "focus", focusHandler = (event) ->
+      window.addEventListener "focus", focusHandler = forTrusted (event) ->
         postRegisterFrame() if event.target == window
-      window.addEventListener "resize", resizeHandler = (event) ->
+      window.addEventListener "resize", resizeHandler = forTrusted (event) ->
         postRegisterFrame() unless DomUtils.windowIsTooSmall()
 
   init: ->
@@ -261,7 +263,7 @@ Frame =
 
     # We disable the content scripts when we lose contact with the background page, or on unload.
     @port.onDisconnect.addListener disconnect = Utils.makeIdempotent => @disconnect()
-    window.addEventListener "unload", disconnect
+    window.addEventListener "unload", forTrusted disconnect
 
   disconnect: ->
     try @postMessage "unregisterFrame"
@@ -404,7 +406,7 @@ extend window,
     # Track the most recently focused input element.
     recentlyFocusedElement = null
     window.addEventListener "focus",
-      (event) -> recentlyFocusedElement = event.target if DomUtils.isEditable event.target
+      forTrusted (event) -> recentlyFocusedElement = event.target if DomUtils.isEditable event.target
     , true
 
     (count) ->
@@ -502,7 +504,7 @@ checkIfEnabledForUrl = do ->
 
 # When we're informed by the background page that a URL in this tab has changed, we check if we have the
 # correct enabled state (but only if this frame has the focus).
-checkEnabledAfterURLChange = ->
+checkEnabledAfterURLChange = forTrusted ->
   checkIfEnabledForUrl() if windowIsFocused()
 
 handleEscapeForFindMode = ->
diff --git a/lib/dom_utils.coffee b/lib/dom_utils.coffee
index c21d5a29..d0bd4615 100644
--- a/lib/dom_utils.coffee
+++ b/lib/dom_utils.coffee
@@ -5,7 +5,7 @@ DomUtils =
   documentReady: do ->
     [isReady, callbacks] = [document.readyState != "loading", []]
     unless isReady
-      window.addEventListener "DOMContentLoaded", onDOMContentLoaded = ->
+      window.addEventListener "DOMContentLoaded", onDOMContentLoaded = forTrusted ->
         window.removeEventListener "DOMContentLoaded", onDOMContentLoaded
         isReady = true
         callback() for callback in callbacks
@@ -16,7 +16,7 @@ DomUtils =
   documentComplete: do ->
     [isComplete, callbacks] = [document.readyState == "complete", []]
     unless isComplete
-      window.addEventListener "load", onLoad = ->
+      window.addEventListener "load", onLoad = forTrusted ->
         window.removeEventListener "load", onLoad
         isComplete = true
         callback() for callback in callbacks
diff --git a/lib/utils.coffee b/lib/utils.coffee
index babb5f96..78eed12c 100644
--- a/lib/utils.coffee
+++ b/lib/utils.coffee
@@ -1,3 +1,11 @@
+# Only pass events to the handler if they are marked as trusted by the browser.
+# This is kept in the global namespace for brevity and ease of use.
+window.forTrusted ?= (handler) -> (event) ->
+  if event?.isTrusted
+    handler.apply this, arguments
+  else
+    true
+
 Utils =
   getCurrentVersion: ->
     chrome.runtime.getManifest().version
diff --git a/tests/dom_tests/chrome.coffee b/tests/dom_tests/chrome.coffee
index d4e6930d..1d04b654 100644
--- a/tests/dom_tests/chrome.coffee
+++ b/tests/dom_tests/chrome.coffee
@@ -7,6 +7,8 @@ root.chromeMessages = []
 
 document.hasFocus = -> true
 
+window.forTrusted = (handler) -> handler
+
 fakeManifest =
   version: "1.51"
author	mrmr1993	2017-08-18 18:41:51 +0100
committer	mrmr1993	2017-08-18 18:51:45 +0100
commit	d946a98df10bf1ae5bb02e5cd7eaa2a0c3a06aad (patch)
tree	d8a6ed02e1efacf43c245b336eb36c04df27402d
parent	696feed903fe815af50c89b1badbb1e5680d6921 (diff)
download	vimium-d946a98df10bf1ae5bb02e5cd7eaa2a0c3a06aad.tar.bz2