DragEnter grants both read and navigate permissions to files.

DragEnter grants both read and navigate permissions to files.

Calling ChildProcessSecurityPolicy::GrantReadFile() ought to be sufficient for the renderer to process files dragged into it. Giving the GrantRequestURL() permission is excessive.

BUG=127525
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=137184

[abarth-chromium, 2012-05-11 21:41:52]

Yeah, I think we were using GrantRequestURL before GrantFileRead existed.  Can
we test this change?

[Tom Sepez, 2012-05-11 21:43:56]

That is the question of the moment.  I don't have the answer for it.

[Tom Sepez, 2012-05-14 17:16:48]

> That is the question of the moment.  I don't have the answer for it.
Hey Charlie, can you think of any other tests that might help here (besides
rolling it into a canary and watching closely)?

[Charlie Reis, 2012-05-14 20:09:43]

On 2012/05/14 17:16:48, Tom Sepez wrote:
> > That is the question of the moment.  I don't have the answer for it.
> Hey Charlie, can you think of any other tests that might help here (besides
> rolling it into a canary and watching closely)?

Maybe you can add one like RenderViewHostTest.DragEnteredFileURLsStillBlocked to
ensure it hasn't been granted file URL requesting privileges?

Actually, looking more closely at that one, why isn't it catching this exact
problem?  Perhaps it's testing that drag alone isn't sufficient, and drop is
also required?  If so, that test should probably check for GrantFileRead rather
than GrantRequestURL now.

[Tom Sepez, 2012-05-14 21:55:36]

> why isn't it catching this?
Because the WebDropData::url member is treated differently than the
WebDropData::filenames member. To catch this, you have to pass in a filenames
vector (actual selected vector).  I'm improving the test now.

[Tom Sepez, 2012-05-14 23:08:25]

Reviewers:  Please review.  Thanks.

[jam, 2012-05-15 16:48:37]

On 2012/05/14 23:08:25, Tom Sepez wrote:
> Reviewers:  Please review.  Thanks.

I defer my lgtm to abarth/creis

[abarth-chromium, 2012-05-15 18:17:27]

LGTM.  Sorry, I missed the fact that you added a test.  Thanks!

[Charlie Reis, 2012-05-17 17:34:14]

LGTM, provided that's the intended behavior for the test.  (I'm not familiar
with the drag n drop API, but I found it surprising that DragEnter was
sufficient to grant FileRead, and that "drop" wasn't required.)