Bug 91945

The Wayland protocol documentation does not indicate when wl_data_offer::receive requests can be sent, nor when wl_data_source::send events will be received. Some clients may assume that data may be sent only once for a single MIME type during a DnD session (which GTK+ does to work around bug #91944). Other clients may be prepared to handle multiple simultaneous data transfers (when dl_data_offer::receive is called several times in a row, perhaps in a loop), while yet others may be prepared to handle multiple data transfers only if one is ongoing at a time.

The protocol should provide some indication of what well-behaved clients should be expected to support.

It's important to also consider some limit on the number of simultaneous data requests. I previously discovered a file descriptor denial of service against GTK+ by calling wl_data_offer::receive thousands of times in a loop in response to receiving wl_data_device::drag_enter. Nowadays GTK+ is careful to allow only one request at a time, avoiding this issue, but it's not clear from the documentation if this is appropriate or not, as other clients may reasonably expect to be able to call wl_data_offer::receive multiple times in a row.

"This request may happen multiple times for different mimetypes, both before and after wl_data_device.drop. Drag-and-drop destination clients may preemptively fetch data or examine it more closely to determine acceptance."