Clipboard API: Use ExecutionContext from LocalFrame instead of ScriptState.

Retrieving an ExecutionContext from the LocalFrame passed from NavigatorClipboard ensures that the correct ExecutionContext for the current clipboard operation is always used. In cross-frame circumstances, ScriptState's ExecutionContext would be that of the parent frame, but LocalFrame's ExecutionContext would be that of the child frame. This was mentioned in [1], and initially introduced in [2]. This should ensure that the incorrect (parent frame's) PermissionManager isn't requested when determining whether a permission has been granted, or when asking for permission. This CL does not fix the potential for a null dereference if the ExecutionContext is detached, as both the ExecutionContext::From and GetExecutionContext will result in a null dereference in this case. [1]: https://crrev.com/c/2016200/19/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc#91 [2]: https://crrev.com/c/804973 Bug: 1002794 Change-Id: I340224959fb98d3112464f4955c6d88e537f6199 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2057006 Commit-Queue: Darwin Huang <huangdarwin@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#746506}

Clipboard API: Use ExecutionContext from LocalFrame instead of ScriptState.
Retrieving an ExecutionContext from the LocalFrame passed from NavigatorClipboard ensures that the correct ExecutionContext for the current clipboard operation is always used. In cross-frame circumstances, ScriptState's ExecutionContext would be that of the parent frame, but LocalFrame's ExecutionContext would be that of the child frame. This was mentioned in [1], and initially introduced in [2]. This should ensure that the incorrect (parent frame's) PermissionManager isn't requested when determining whether a permission has been granted, or when asking for permission. This CL does not fix the potential for a null dereference if the ExecutionContext is detached, as both the ExecutionContext::From and GetExecutionContext will result in a null dereference in this case. [1]: https://crrev.com/c/2016200/19/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc#91 [2]: https://crrev.com/c/804973 Bug: 1002794 Change-Id: I340224959fb98d3112464f4955c6d88e537f6199 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2057006 Commit-Queue: Darwin Huang <huangdarwin@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#746506}
05daf314 · Darwin Huang · Commit Bot · fe83284b · 05daf314
Commit 05daf314 authored Mar 03, 2020 by Darwin Huang Committed by Commit Bot Mar 03, 2020
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

third_party/blink/renderer/modules/clipboard/clipboard_promise.cc ...rty/blink/renderer/modules/clipboard/clipboard_promise.cc +4 -3

No files found.
--- a/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc
+++ b/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc
@@ -316,10 +316,11 @@ void ClipboardPromise::HandleWriteTextWithPermission(PermissionStatus status) {

 PermissionService* ClipboardPromise::GetPermissionService() {
  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
+  ExecutionContext* context = GetExecutionContext();
+  DCHECK(context);
  if (!permission_service_) {
    ConnectToPermissionService(
-        ExecutionContext::From(script_state_),
-        permission_service_.BindNewPipeAndPassReceiver());
+        context, permission_service_.BindNewPipeAndPassReceiver());
  }
  return permission_service_.get();
 }
@@ -333,7 +334,7 @@ void ClipboardPromise::RequestPermission(
  DCHECK(permission == mojom::blink::PermissionName::CLIPBOARD_READ ||
         permission == mojom::blink::PermissionName::CLIPBOARD_WRITE);

-  ExecutionContext* context = ExecutionContext::From(script_state_);
+  ExecutionContext* context = GetExecutionContext();
  if (!context)
    return;
  const Document& document = *Document::From(context);