Stowage/ladybird
2
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-12-07 21:59:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

LibWeb: Avoid invoking Trusted Types where avoidable

Browse source 
Prevents observably calling Trusted Types, which can run arbitrary JS,
cause crashes due to use of MUST and allow arbitrary JS to modify
internal elements.
This commit is contained in:
Luke Wilde 2025-10-31 12:30:47 +00:00 committed by Tim Flynn
parent fb9406ddcd
commit 82bd3d3891
Notes: github-actions[bot] 2025-11-06 16:46:00 +00:00
83 changed files with 407 additions and 366 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Libraries/LibWeb/Page/EventHandler.cpp
View file

@ -1305,7 +1305,7 @@ EventResult EventHandler::handle_keydown(UIEvents::KeyCode key, u32 modifiers, u
auto focused_area = m_navigable->active_document()->focused_area();
if (auto* media_element = as_if<HTML::HTMLMediaElement>(focused_area.ptr())) {
if (media_element->handle_keydown({}, key, modifiers).release_value_but_fixme_should_propagate_errors())
if (media_element->handle_keydown({}, key, modifiers))
return EventResult::Handled;
}

26
Libraries/LibWeb/Page/Page.cpp
View file

@ -515,21 +515,19 @@ void Page::did_request_media_context_menu(UniqueNodeID media_id, CSSPixelPoint p
client().page_did_request_media_context_menu(position, target, modifiers, menu);
}
WebIDL::ExceptionOr<void> Page::toggle_media_play_state()
void Page::toggle_media_play_state()
{
auto media_element = media_context_menu_element();
if (!media_element)
return {};
return;
// AD-HOC: An execution context is required for Promise creation hooks.
HTML::TemporaryExecutionContext execution_context { media_element->realm() };
if (media_element->potentially_playing())
TRY(media_element->pause());
media_element->pause();
else
TRY(media_element->play());
return {};
media_element->play();
}
void Page::toggle_media_mute_state()
@ -544,11 +542,11 @@ void Page::toggle_media_mute_state()
media_element->set_muted(!media_element->muted());
}
WebIDL::ExceptionOr<void> Page::toggle_media_loop_state()
void Page::toggle_media_loop_state()
{
auto media_element = media_context_menu_element();
if (!media_element)
return {};
return;
// AD-HOC: An execution context is required for Promise creation hooks.
HTML::TemporaryExecutionContext execution_context { media_element->realm() };
@ -556,25 +554,21 @@ WebIDL::ExceptionOr<void> Page::toggle_media_loop_state()
if (media_element->has_attribute(HTML::AttributeNames::loop))
media_element->remove_attribute(HTML::AttributeNames::loop);
else
TRY(media_element->set_attribute(HTML::AttributeNames::loop, String {}));
return {};
media_element->set_attribute_value(HTML::AttributeNames::loop, String {});
}
WebIDL::ExceptionOr<void> Page::toggle_media_controls_state()
void Page::toggle_media_controls_state()
{
auto media_element = media_context_menu_element();
if (!media_element)
return {};
return;
HTML::TemporaryExecutionContext execution_context { media_element->realm() };
if (media_element->has_attribute(HTML::AttributeNames::controls))
media_element->remove_attribute(HTML::AttributeNames::controls);
else
TRY(media_element->set_attribute(HTML::AttributeNames::controls, String {}));
return {};
media_element->set_attribute_value(HTML::AttributeNames::controls, String {});
}
void Page::toggle_page_mute_state()

6
Libraries/LibWeb/Page/Page.h
View file

@ -194,10 +194,10 @@ public:
bool is_looping { false };
};
void did_request_media_context_menu(UniqueNodeID media_id, CSSPixelPoint, ByteString const& target, unsigned modifiers, MediaContextMenu const&);
WebIDL::ExceptionOr<void> toggle_media_play_state();
void toggle_media_play_state();
void toggle_media_mute_state();
WebIDL::ExceptionOr<void> toggle_media_loop_state();
WebIDL::ExceptionOr<void> toggle_media_controls_state();
void toggle_media_loop_state();
void toggle_media_controls_state();
HTML::MuteState page_mute_state() const { return m_mute_state; }
void toggle_page_mute_state();