chrome/browser/download/download_extension_api.cc - Issue 10213002: Make downloads.download() respect host permissions

Side by Side Diff: chrome/browser/download/download_extension_api.cc

Issue 10213002: Make downloads.download() respect host permissions (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: " Created 8 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/download/download_extension_api.h"	5 #include "chrome/browser/download/download_extension_api.h"

6	6

7 #include <algorithm>	7 #include <algorithm>

8 #include <cctype>	8 #include <cctype>

9 #include <iterator>	9 #include <iterator>

10 #include <set>	10 #include <set>

(...skipping 363 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
374 std::string url;	374 std::string url;

375 iodata_.reset(new IOData());	375 iodata_.reset(new IOData());

376 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &options));	376 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &options));

377 EXTENSION_FUNCTION_VALIDATE(options->GetString(kUrlKey, &url));	377 EXTENSION_FUNCTION_VALIDATE(options->GetString(kUrlKey, &url));

378 iodata_->url = GURL(url);	378 iodata_->url = GURL(url);

379 if (!iodata_->url.is_valid()) {	379 if (!iodata_->url.is_valid()) {

380 error_ = download_extension_errors::kInvalidURLError;	380 error_ = download_extension_errors::kInvalidURLError;

381 return false;	381 return false;

382 }	382 }

383	383

	384 // The host permissions should not be why e.g. data, filesystem URLs don't

	385 // work.

	386 if ((iodata_->url.SchemeIs("http") \|\|
	Mihai Parparita -not on Chrome 2012/05/01 20:08:31 Why do you have these scheme checks? HasHostPermis Why do you have these scheme checks? HasHostPermission (despite the name) also checks schemes. benjhayden 2012/05/01 20:19:12 HasHostPermission() disallows schemes other than Show quoted text On 2012/05/01 20:08:31, Mihai Parparita wrote: > Why do you have these scheme checks? HasHostPermission (despite the name) also > checks schemes. HasHostPermission() disallows schemes other than these, but download() should allow them. Extensions should be able to "download" data: and filesystem: URLs. Mihai Parparita -not on Chrome 2012/05/01 20:53:12 Then I'd rather have those be explicitly listed (i Show quoted text On 2012/05/01 20:19:12, benjhayden_chromium wrote: > On 2012/05/01 20:08:31, Mihai Parparita wrote: > > Why do you have these scheme checks? HasHostPermission (despite the name) also > > checks schemes. > > HasHostPermission() disallows schemes other than these, but download() should > allow them. Extensions should be able to "download" data: and filesystem: > URLs. Then I'd rather have those be explicitly listed (i.e. making the check into !url.SchemeIs("data") && !url.SchemeIs("filesystem") && !GetExtension()->HasHostPermission(url)). Otherwise you risk allowing unknown schemes (e.g. your current code allows downloads from the chrome:// scheme, which doesn't seem wise). benjhayden 2012/05/02 14:40:18 Done. Show quoted text On 2012/05/01 20:53:12, Mihai Parparita wrote: > On 2012/05/01 20:19:12, benjhayden_chromium wrote: > > On 2012/05/01 20:08:31, Mihai Parparita wrote: > > > Why do you have these scheme checks? HasHostPermission (despite the name) > also > > > checks schemes. > > > > HasHostPermission() disallows schemes other than these, but download() > should > > allow them. Extensions should be able to "download" data: and filesystem: > > URLs. > > Then I'd rather have those be explicitly listed (i.e. making the check into > !url.SchemeIs("data") && !url.SchemeIs("filesystem") && > !GetExtension()->HasHostPermission(url)). Otherwise you risk allowing unknown > schemes (e.g. your current code allows downloads from the chrome:// scheme, > which doesn't seem wise). Done.
	387 iodata_->url.SchemeIs("https") \|\|

	388 iodata_->url.SchemeIs("ftp") \|\|

	389 iodata_->url.SchemeIs("file") \|\|

	390 iodata_->url.SchemeIs("chrome-extension")) &&

	391 !GetExtension()->HasHostPermission(iodata_->url)) {

	392 error_ = download_extension_errors::kInvalidURLError;

	393 return false;

	394 }

	395

384 if (options->HasKey(kFilenameKey)) {	396 if (options->HasKey(kFilenameKey)) {

385 EXTENSION_FUNCTION_VALIDATE(options->GetString(	397 EXTENSION_FUNCTION_VALIDATE(options->GetString(

386 kFilenameKey, &iodata_->filename));	398 kFilenameKey, &iodata_->filename));

387 if (!ValidateFilename(iodata_->filename)) {	399 if (!ValidateFilename(iodata_->filename)) {

388 error_ = download_extension_errors::kGenericError;	400 error_ = download_extension_errors::kGenericError;

389 return false;	401 return false;

390 }	402 }

391 }	403 }

392	404

393 if (options->HasKey(kSaveAsKey)) {	405 if (options->HasKey(kSaveAsKey)) {

(...skipping 681 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1075 ListValue args;	1087 ListValue args;

1076 args.Append(arg);	1088 args.Append(arg);

1077 std::string json_args;	1089 std::string json_args;

1078 base::JSONWriter::Write(&args, &json_args);	1090 base::JSONWriter::Write(&args, &json_args);

1079 profile_->GetExtensionEventRouter()->DispatchEventToRenderers(	1091 profile_->GetExtensionEventRouter()->DispatchEventToRenderers(

1080 event_name,	1092 event_name,

1081 json_args,	1093 json_args,

1082 profile_,	1094 profile_,

1083 GURL());	1095 GURL());

1084 }	1096 }

OLD	NEW

« no previous file with comments | « no previous file | chrome/test/data/extensions/api_test/downloads/manifest.json » ('j') | no next file with comments »