Render images in the sandbox for the context menu |
||
Issue descriptionThere may be malicious code in the javascript for images. To prevent any possible damages, we encode and decode the image again, but this time in the sandbox.
,
Jun 23 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/d698fa98c4731a224995ef1c581ad42cab0820b2 commit d698fa98c4731a224995ef1c581ad42cab0820b2 Author: injae <injae@google.com> Date: Fri Jun 23 19:39:30 2017 Rendering the image in the sandbox for security Handled case where image decode would fail because of malicious code If malicious code is found, the sad tab image is displayed as the thumbnail in the context menu Changed Callback<Type> from byte[] to Bitmap Changed native code to use the SkBitmap to a JavaBitmap Added logic to decode image a second time for the context menu BUG= 734665 Review-Url: https://codereview.chromium.org/2945903002 Cr-Commit-Position: refs/heads/master@{#481991} [modify] https://crrev.com/d698fa98c4731a224995ef1c581ad42cab0820b2/chrome/android/java/src/org/chromium/chrome/browser/contextmenu/ContextMenuHelper.java [modify] https://crrev.com/d698fa98c4731a224995ef1c581ad42cab0820b2/chrome/android/java/src/org/chromium/chrome/browser/contextmenu/TabularContextMenuUi.java [modify] https://crrev.com/d698fa98c4731a224995ef1c581ad42cab0820b2/chrome/browser/ui/android/context_menu_helper.cc [modify] https://crrev.com/d698fa98c4731a224995ef1c581ad42cab0820b2/chrome/browser/ui/android/context_menu_helper.h
,
Jun 29 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by danielpark@chromium.org
, Jun 19 2017