Change information
Commit message:
[M150] [Blink] Guard user activation against empty IME events
Original change's description:
> [Blink] Guard user activation against empty IME events
>
> On Linux platforms, window focus events trigger the display server or
> compositor (via IME frameworks like IBus/Fcitx or zwp_text_input_v3) to
> send state-clearing preedit/reset events with an empty string.
>
> Historically, WebInputMethodControllerImpl::SetComposition and
> CommitText unconditionally triggered local frame UserActivation (with
> kInteraction), allowing window focus/creation to erroneously grant
> transient and sticky user activation. This bypassed user gesture
> security checks and enabled silent password exfiltration under XSS.
>
> This CL prevents user activation from triggering when the incoming IME
> text is empty. We also add a unit test to verify that empty IME
> composition and commit events do not elevate user activation, while
> non-empty events do.
>
> Bug: 504600482
> Change-Id: I82444a21888d4e61fe1a8cf75871ed47b18d1aef
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7868631
> Commit-Queue: Thomas Anderson <thomasa...@chromium.org>
> Auto-Submit: Thomas Anderson <thomasa...@chromium.org>
> Reviewed-by: Ian Kilpatrick <ikilp...@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1639820}
(cherry picked from commit 3be8f92c7e8368b5454a9392da0fdbbc9b39bc74)
Bug: 527774340,504600482
Change-Id: I82444a21888d4e61fe1a8cf75871ed47b18d1aef
Cr-Commit-Position: refs/branch-heads/7871@{#2888}
Cr-Branched-From: f542126b8c1b3e80104b26bb05ec830bd1206f29-refs/heads/main@{#1639810}
Files:
- M third_party/blink/renderer/core/exported/web_input_method_controller_impl.cc
- M third_party/blink/renderer/core/exported/web_view_test.cc
Change size: M
Delta: 2 files changed, 56 insertions(+), 4 deletions(-)
Branch: refs/branch-heads/7871
Submit Requirements:
Code-Review: +1 by Mohamed Amir Yosef, +1 by Daniel Yip, +1 by Thomas Anderson, +1 by Ben Mason