Reverts Chromium's [Clipboard API] Remove user gesture requirement fo… #14901

Merged
merged 1 commit into from
Aug 31, 2022

Conversation

mkarolin

@mkarolin mkarolin commented Aug 30, 2022

…r read/writeText.

We should not relax the gesture requirement.

Chromium change:

https://chromium.googlesource.com/chromium/src/+/4d7b74b051abfe5945f418601fdc2ffc8ce3072c

commit 4d7b74b051abfe5945f418601fdc2ffc8ce3072c
Author: Anupam Snigdha [email protected]
Date: Tue Jun 7 16:36:28 2022 +0000

[Clipboard API] Remove user gesture requirement for read/writeText.

Adding user gesture requirement for readText and writeText APIs
breaks NTP doodle sharing. We are relaxing this check for now, but
we should fix this for sites to not rely on these APIs to be called
without a user gesture.
See NewTabPageDoodleShareDialogFocusTest.All test for more details.

Bug: 106449, 1334203

Resolves brave/brave-browser#16890
(It doesn't strictly address the original issue, because Chromium's initial implementation before the above change does require a gesture already.)

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

  1. Visit https://shivankaul.com/brave/clipboard-paste.html
  2. You should see a message like:
    This page will attempt to write text to your clipboard without a permission prompt or user interaction.
    SecurityError: Must be handling a user gesture to use custom clipboard
    
  3. Reload the page a few times
  4. Verify you still don't see a success message
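
The test plan above as a scriptable check, added here as an example and not code from this PR or from Brave: it attempts a clipboard write with no user interaction, repeats it, and passes only if no attempt succeeds. `makeFakeClipboard`, `probeClipboardWrite` and `verifyGestureGate` are hypothetical names, and the fake clipboard is a constructed stand-in so the logic also runs outside a browser.

```javascript
// Constructed stand-in for navigator.clipboard (assumption, for offline runs).
// When gestureRequired is true and no gesture is active, writeText rejects
// with the SecurityError quoted in the test plan.
function makeFakeClipboard({ gestureRequired, gestureActive }) {
  return {
    written: [],
    writeText(text) {
      if (gestureRequired && !gestureActive) {
        const err = new Error(
          "Must be handling a user gesture to use custom clipboard");
        err.name = "SecurityError";
        return Promise.reject(err);
      }
      this.written.push(text);
      return Promise.resolve();
    },
  };
}

// One write attempt. Never throws; returns "Success" or the rejection's name.
async function probeClipboardWrite(clipboard, text = "gesture-probe") {
  try {
    await clipboard.writeText(text);
    return "Success";
  } catch (err) {
    return err && err.name ? err.name : "UnknownError";
  }
}

// Repeats the attempt (the plan's "reload a few times"). Passes only if no
// attempt reported Success; SecurityError and NotAllowedError both count as
// blocked, matching the verification note in this thread.
async function verifyGestureGate(clipboard, attempts = 5) {
  const outcomes = [];
  for (let i = 0; i < attempts; i++) {
    outcomes.push(await probeClipboardWrite(clipboard));
  }
  return { pass: !outcomes.includes("Success"), outcomes };
}

// In a browser: runs on load, before any click or key press.
if (typeof navigator !== "undefined" && navigator.clipboard) {
  verifyGestureGate(navigator.clipboard)
    .then((r) => console.log(r.pass ? "PASS" : "FAIL", r.outcomes));
}
```
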

@mkarolin mkarolin self-assigned this Aug 30, 2022
@mkarolin mkarolin requested review from a team as code owners August 30, 2022 19:12
@bsclifton

npm run lint found some errors but I think we're fine committing with them (we could add // NOLINT, but not worth it IMO)

[2022-08-30T19:36:17.611Z] chromium_src/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc:10:  (cpplint) Weird number of spaces at line-start.  Are you using a 2-space indent?  [whitespace/indent] [3]
[2022-08-30T19:36:17.611Z] chromium_src/third_party/blink/renderer/modules/clipboard/clipboard_promise.cc:10:  (cpplint) Missing space before ( in if(  [whitespace/parens] [5]

Building now to give it a try 😄


#define BRAVE_CLIPBOARD_PROMISE_REQUEST_PERMISSION \
false); \
if(
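
Review bot: the body of `BRAVE_CLIPBOARD_PROMISE_REQUEST_PERMISSION` ends in an unclosed `if(`, so the macro only compiles, and only means what is intended, while the upstream text after the expansion point still supplies the condition and the closing parenthesis. Add a comment above the `#define` saying which upstream argument the `false` replaces and which expression the trailing `if(` takes over, and write it as `if (` to clear the cpplint whitespace/parens warning reported for this file.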

lgtm, but imo quite unclear change for a pretty critical issue.

maybe just add our own block to prevent any clipboard interaction without user gesture? (and add test?)

  if (!has_transient_user_activation) {
    script_promise_resolver_->Reject(MakeGarbageCollected<DOMException>(
        DOMExceptionCode::kSecurityError,
        "Must be handling a user gesture to use clipboard"));
    return;
  }


@goodov agree that we may want to add our check, but I'd prefer to limit this fix to just reverting Chromium's temporary(?) relaxation of the gesture requirement. @ShivanKaul do we need a follow-up issue to consider adding our own restriction here as @goodov is suggesting?


@mkarolin mkarolin force-pushed the maxk-fix-clipboard-gesture-disablement branch from 2650ae9 to 77aa52e Compare August 31, 2022 14:19
@mkarolin mkarolin force-pushed the maxk-fix-clipboard-gesture-disablement branch from 77aa52e to d353be9 Compare August 31, 2022 14:22
@mkarolin

Force pushed the fix for the lint error.

@kjozwiak

kjozwiak commented Sep 7, 2022

Reproduced the issue on Win 11 x64 using the following build(s):

Brave | 1.45.14 Chromium: 105.0.5195.68 (Official Build) nightly (64-bit)
--- | ---
Revision | ad13e82529051bac6a0e65f455e6d7a1e5fd7938-refs/branch-heads/5195@{#903}
OS | Windows 11 Version 21H2 (Build 22000.918)

Went through the STR/Cases outlined via #14901 (comment) and reproduced the original issue as per the following:

[Image: reproducedIssue]

Verification PASSED on Win 11 x64 using the following build(s):

Brave | 1.45.30 Chromium: 105.0.5195.102 (Official Build) nightly (64-bit)
-- | --
Revision | 4c16f5ffcc2da70ee2600d5db77bed423ac03a5a-refs/branch-heads/5195_55@{#4}
OS | Windows 11 Version 21H2 (Build 22000.918)

Went through the STR/Cases outlined via #14901 (comment) and ensured that a Success message wasn't being displayed. Also opened several tabs and ensured the following message only appeared:

SecurityError: Must be handling a user gesture to use custom clipboard

Note: You may see a Not Allowed message which is fine as well as long as we don't see a Success.

[Image: fixedPasteIssue]

Successfully merging this pull request may close these issues.

Restore gesture requirement for async clipboard write access