| Index: net/url_request/url_request_file_job.cc
|
| diff --git a/net/url_request/url_request_file_job.cc b/net/url_request/url_request_file_job.cc
|
| index 3c8deae2f6385c7f51d83bce334c171a35144ada..35708b93a663217d962a5b84c7bf00ec5a48bd92 100644
|
| --- a/net/url_request/url_request_file_job.cc
|
| +++ b/net/url_request/url_request_file_job.cc
|
| @@ -36,11 +36,21 @@
|
| #include "net/base/net_util.h"
|
| #include "net/http/http_util.h"
|
| #include "net/url_request/url_request.h"
|
| +#include "net/url_request/url_request_context.h"
|
| #include "net/url_request/url_request_error_job.h"
|
| #include "net/url_request/url_request_file_dir_job.h"
|
|
|
| namespace net {
|
|
|
| +
|
| +// By default we don't allow access to all file:// urls on ChromeOS but we do on
|
| +// other platforms.
|
| +#if defined(OS_CHROMEOS)
|
| +bool URLRequestFileJob::g_allow_file_access_ = false;
|
| +#else
|
| +bool URLRequestFileJob::g_allow_file_access_ = true;
|
| +#endif
|
| +
|
| class URLRequestFileJob::AsyncResolver
|
| : public base::RefCountedThreadSafe<URLRequestFileJob::AsyncResolver> {
|
| public:
|
| @@ -94,15 +104,12 @@ URLRequestFileJob::URLRequestFileJob(URLRequest* request,
|
| // static
|
| URLRequestJob* URLRequestFileJob::Factory(URLRequest* request,
|
| const std::string& scheme) {
|
| -
|
| FilePath file_path;
|
| const bool is_file = FileURLToFilePath(request->url(), &file_path);
|
|
|
| -#if defined(OS_CHROMEOS)
|
| - // Check file access.
|
| - if (AccessDisabled(file_path))
|
| + // Check file access permissions.
|
| + if (!IsFileAccessAllowed(*request, file_path))
|
| return new URLRequestErrorJob(request, ERR_ACCESS_DENIED);
|
| -#endif
|
|
|
| // We need to decide whether to create URLRequestFileJob for file access or
|
| // URLRequestFileDirJob for directory access. To avoid accessing the
|
| @@ -120,35 +127,6 @@ URLRequestJob* URLRequestFileJob::Factory(URLRequest* request,
|
| return new URLRequestFileJob(request, file_path);
|
| }
|
|
|
| -#if defined(OS_CHROMEOS)
|
| -static const char* const kLocalAccessWhiteList[] = {
|
| - "/home/chronos/user/Downloads",
|
| - "/home/chronos/user/log",
|
| - "/media",
|
| - "/opt/oem",
|
| - "/usr/share/chromeos-assets",
|
| - "/tmp",
|
| - "/var/log",
|
| -};
|
| -
|
| -// static
|
| -bool URLRequestFileJob::AccessDisabled(const FilePath& file_path) {
|
| - if (URLRequest::IsFileAccessAllowed()) { // for tests.
|
| - return false;
|
| - }
|
| -
|
| - for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) {
|
| - const FilePath white_listed_path(kLocalAccessWhiteList[i]);
|
| - // FilePath::operator== should probably handle trailing seperators.
|
| - if (white_listed_path == file_path.StripTrailingSeparators() ||
|
| - white_listed_path.IsParent(file_path)) {
|
| - return false;
|
| - }
|
| - }
|
| - return true;
|
| -}
|
| -#endif // OS_CHROMEOS
|
| -
|
| void URLRequestFileJob::Start() {
|
| DCHECK(!async_resolver_);
|
| async_resolver_ = new AsyncResolver(this);
|
| @@ -281,6 +259,25 @@ void URLRequestFileJob::SetExtraRequestHeaders(
|
| }
|
| }
|
|
|
| +// static
|
| +void URLRequestFileJob::AllowAccessToAllFiles() {
|
| + g_allow_file_access_ = true;
|
| +}
|
| +
|
| +// static
|
| +bool URLRequestFileJob::IsFileAccessAllowed(const URLRequest& request,
|
| + const FilePath& path) {
|
| + if (g_allow_file_access_)
|
| + return true;
|
| + const URLRequestContext* context = request.context();
|
| + if (!context)
|
| + return false;
|
| + const NetworkDelegate* delegate = context->network_delegate();
|
| + if (delegate)
|
| + return delegate->NotifyFileAccessRequested(request, path);
|
| + return false;
|
| +}
|
| +
|
| URLRequestFileJob::~URLRequestFileJob() {
|
| DCHECK(!async_resolver_);
|
| }
|
|
|
Chromium Code Reviews
Issue 10068021:
Fix file access on Chrome for ChromeOS on Linux (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src