Issue metadata
Sign in to add a comment
|
new DataTransfer constructor allows to set input[type="file"].files to arbitrary files
Reported by
tristan....@gmail.com,
Dec 4 2017
|
||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:58.0) Gecko/20100101 Firefox/58.0 Steps to reproduce the problem: 1. Create a new DataTransfer object by calling new window.DataTransfer(); 2. Set this DataTransfer's drag-data to a script generated File 3. Set this DataTransfer's files as the files property of an input[type=file] What is the expected behavior? According to specs[1]... what you do is correct. The drag-data's mode should indeed be set as *read/write*, thus allowing scripts to modify it. What went wrong? The end result may not be intended though. Did this work before? N/A Does this work in other browsers? N/A Chrome version: <Copy from: 'about:version'> Channel: n/a OS Version: OS X 10.12 Flash Version: I realize this would be more a bug in specs, but wanted to let you know about it in case you didn't want to allow such behavior, since chrome seems to be the only browser to have implemented the DataTransfer constructor. [1] https://html.spec.whatwg.org/multipage/dnd.html#datatransfer
,
Dec 5 2017
Thank you very much for bringing this up! For better or worse, folks have already found ways to get files from the File constructor into <input type="file"> very soon after I implemented the constructor -- See https://crrev.com/235373005 While the steps are much simpler this time around, I think we've already dealt with the consequences of having JS-constructed Files in <input type="file">. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by tristan....@gmail.com
, Dec 4 2017