Added dangerous download prompting.

chrome/browser/download/download_manager.h

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // The DownloadManager object manages the process of downloading, including
 // updates to the history system and providing the information for displaying
 // the downloads view in the Destinations tab. There is one DownloadManager per
 // active profile in Chrome.
 //
 // Each download is represented by a DownloadItem, and all DownloadItems
@@ skipping 62 matching lines @@
 // Destination tab's download view, may refer to a given DownloadItem.
 class DownloadItem {
  public:
   enum DownloadState {
     IN_PROGRESS,
     COMPLETE,
     CANCELLED,
     REMOVING
   };
 
+  enum SafetyState {
+    SAFE = 0,
+    DANGEROUS,
+    DANGEROUS_BUT_VALIDATED  // Dangerous but the user confirmed the download.
+  };
+
   // Interface that observers of a particular download must implement in order
   // to receive updates to the download's status.
   class Observer {
    public:
     virtual void OnDownloadUpdated(DownloadItem* download) = 0;
   };
 
   // Constructing from persistent store:
   DownloadItem(const DownloadCreateInfo& info);
 
   // Constructing from user action:
   DownloadItem(int32 download_id,
                const std::wstring& path,
                const std::wstring& url,
+               const std::wstring& original_name,
                const Time start_time,
                int64 download_size,
                int render_process_id,
-               int request_id);
+               int request_id,
+               bool is_dangerous);
 
   ~DownloadItem();
 
   void Init(bool start_timer);
 
   // Public API
 
   void AddObserver(Observer* observer);
   void RemoveObserver(Observer* observer);
 
   // Notify our observers periodically
   void UpdateObservers();
 
   // Received a new chunk of data
   void Update(int64 bytes_so_far);
 
   // Cancel the download operation. We need to distinguish between cancels at
   // exit (DownloadManager destructor) from user interface initiated cancels
   // because at exit, the history system may not exist, and any updates to it
   // require AddRef'ing the DownloadManager in the destructor which results in
   // a DCHECK failure. Set 'update_history' to false when canceling from at
   // exit to prevent this crash. This may result in a difference between the
   // downloaded file's size on disk, and what the history system's last record
   // of it is. At worst, we'll end up re-downloading a small portion of the file
   // when resuming a download (assuming the server supports byte ranges).
   void Cancel(bool update_history);
 
-  // Download operation completed
+  // Download operation completed.
   void Finished(int64 size);
 
-  // The user wants to remove the download from the views and history. This
-  // operation does not delete the file on the disk.
-  void Remove();
+  // The user wants to remove the download from the views and history. If
+  // |delete_file| is true, the file is deleted on the disk.
+  void Remove(bool delete_file);
 
   // Start/stop sending periodic updates to our observers
   void StartProgressTimer();
   void StopProgressTimer();
 
   // Simple calculation of the amount of time remaining to completion. Fills
   // |*remaining| with the amount of time remaining if successful. Fails and
   // returns false if we do not have the number of bytes or the speed so can
   // not estimate.
   bool TimeRemaining(TimeDelta* remaining) const;
 
   // Simple speed estimate in bytes/s
   int64 CurrentSpeed() const;
 
   // Rough percent complete, -1 means we don't know (since we didn't receive a
   // total size).
   int PercentComplete() const;
 
   // Update the download's path, the actual file is renamed on the download
   // thread.
   void Rename(const std::wstring& full_path);
 
   // Allow the user to temporarily pause a download or resume a paused download.
   void TogglePause();
 
   // Accessors
   DownloadState state() const { return state_; }
+  std::wstring file_name() const { return file_name_; }
+  void set_file_name(const std::wstring& name) { file_name_ = name; }
   std::wstring full_path() const { return full_path_; }
-  std::wstring file_name() const { return file_name_; }
+  void set_full_path(const std::wstring& path) { full_path_ = path; }
   std::wstring url() const { return url_; }
   int64 total_bytes() const { return total_bytes_; }
   void set_total_bytes(int64 total_bytes) { total_bytes_ = total_bytes; }
   int64 received_bytes() const { return received_bytes_; }
   int32 id() const { return id_; }
   Time start_time() const { return start_time_; }
   void set_db_handle(int64 handle) { db_handle_ = handle; }
   int64 db_handle() const { return db_handle_; }
   DownloadManager* manager() const { return manager_; }
   void set_manager(DownloadManager* manager) { manager_ = manager; }
   bool is_paused() const { return is_paused_; }
   void set_is_paused(bool pause) { is_paused_ = pause; }
   bool open_when_complete() const { return open_when_complete_; }
   void set_open_when_complete(bool open) { open_when_complete_ = open; }
   int render_process_id() const { return render_process_id_; }
   int request_id() const { return request_id_; }
+  SafetyState safety_state() const { return safety_state_; }
+  void set_safety_state(SafetyState safety_state) {
+    safety_state_ = safety_state;
+  }
+  std::wstring original_name() const { return original_name_; }
+  void set_original_name(const std::wstring& name) { original_name_ = name; }
+
+  // Returns the file-name that should be reported to the user, which is
+  // file_name_ for safe downloads and original_name_ for dangerous ones.
+  std::wstring GetFileName() const;
 
  private:
   // Internal helper for maintaining consistent received and total sizes.
   void UpdateSize(int64 size);
 
   // Request ID assigned by the ResourceDispatcherHost.
   int32 id_;
 
   // Full path to the downloaded file
   std::wstring full_path_;
@@ skipping 30 matching lines @@
 
   // Our owning object
   DownloadManager* manager_;
 
   // In progress downloads may be paused by the user, we note it here
   bool is_paused_;
 
   // A flag for indicating if the download should be opened at completion.
   bool open_when_complete_;
 
+  // Whether the download is considered potentially safe or dangerous
+  // (executable files are typically considered dangerous).
+  SafetyState safety_state_;
+
+  // Dangerous download are given temporary names until the user approves them.
+  // This stores their original name.
+  std::wstring original_name_;
+
   // For canceling or pausing requests.
   int render_process_id_;
   int request_id_;
 
   DISALLOW_EVIL_CONSTRUCTORS(DownloadItem);
 };
 
 
 // DownloadManager -------------------------------------------------------------
 
@@ skipping 108 matching lines @@
   void ResetAutoOpenFiles();
 
   // Returns true if there are automatic handlers registered for any file
   // types.
   bool HasAutoOpenFileTypesRegistered() const;
 
   // Overridden from SelectFileDialog::Listener:
   virtual void FileSelected(const std::wstring& path, void* params);
   virtual void FileSelectionCanceled(void* params);
 
+  // Deletes the specified path on the file thread.
+  void DeleteDownload(const std::wstring& path);
+
+  // Called when the user has validated the donwload of a dangerous file.
+  void DangerousDownloadValidated(DownloadItem* download);
+
  private:
   // Shutdown the download manager.  This call is needed only after Init.
   void Shutdown();
 
   // Called on the download thread to check whether the suggested file path
   // exists.  We don't check if the file exists on the UI thread to avoid UI
   // stalls from interacting with the file system.
   void CheckIfSuggestedPathExists(DownloadCreateInfo* info);
 
   // Called on the UI thread once the DownloadManager has determined whether the
@@ skipping 31 matching lines @@
   static void OnCancelDownloadRequest(ResourceDispatcherHost* rdh,
                                       int render_process_id,
                                       int request_id);
 
   // Runs the pause on the IO thread.
   static void OnPauseDownloadRequest(ResourceDispatcherHost* rdh,
                                      int render_process_id,
                                      int request_id,
                                      bool pause);
 
+  // Performs the last steps required when a download has been completed.
+  // It is necessary to break down the flow when a download is finished as
+  // dangerous downloads are downloaded to temporary files that need to be
+  // renamed on the file thread first.
+  // Invoked on the UI thread.
+  void ContinueDownloadFinished(DownloadItem* download);
+
+  // Renames a finished dangerous download from its temporary file name to its
+  // real file name.
+  // Invoked on the file thread.
+  void ProceedWithFinishedDangerousDownload(int64 download_handle, 
+                                            const std::wstring& path,
+                                            const std::wstring& original_name);
+
+  // Invoked on the UI thread when a dangerous downloaded file has been renamed.
+  void DangerousDownloadRenamed(int64 download_handle,
+                                bool success,
+                                const std::wstring& new_path);
+
+  // Checks whether a file represents a risk if downloaded.
+  bool IsDangerous(const std::wstring& file_name);
+
+  // Changes the paths and file name of the specified |download|, propagating
+  // the change to the history system.
+  void RenameDownload(DownloadItem* download, const std::wstring& new_path);
+
   // 'downloads_' is map of all downloads in this profile. The key is the handle
   // returned by the history system, which is unique across sessions. This map
   // owns all the DownloadItems once they have been created in the history
   // system.
   //
   // 'in_progress_' is a map of all downloads that are in progress and that have
   // not yet received a valid history handle. The key is the ID assigned by the
   // ResourceDispatcherHost, which is unique for the current session. This map
   // does not own the DownloadItems.
   //
+  // 'dangerous_finished_' is a map of dangerous download that have finished
+  // but were not yet approved by the user.  Similarly to in_progress_, the key
+  // is the ID assigned by the ResourceDispatcherHost and the map does not own
+  // the DownloadItems.  It is used on shutdown to delete completed downloads
+  // that have not been approved.
+  // 
   // When a download is created through a user action, the corresponding
   // DownloadItem* is placed in 'in_progress_' and remains there until it has
   // received a valid handle from the history system. Once it has a valid
   // handle, the DownloadItem* is placed in the 'downloads_' map. When the
   // download is complete, it is removed from 'in_progress_'. Downloads from
   // past sessions read from a persisted state from the history system are
   // placed directly into 'downloads_' since they have valid handles in the
   // history system.
   typedef base::hash_map<int64, DownloadItem*> DownloadMap;
   DownloadMap downloads_;
   DownloadMap in_progress_;
+  DownloadMap dangerous_finished_;
 
   // True if the download manager has been initialized and requires a shutdown.
   bool shutdown_needed_;
 
   // Observers that want to be notified of changes to the set of downloads.
   ObserverList<Observer> observers_;
 
   // The current active profile.
   Profile* profile_;
   scoped_refptr<URLRequestContext> request_context_;
@@ skipping 35 matching lines @@
 
   // The "Save As" dialog box used to ask the user where a file should be
   // saved.
   scoped_refptr<SelectFileDialog> select_file_dialog_;
 
   DISALLOW_EVIL_CONSTRUCTORS(DownloadManager);
 };
 
 
 #endif  // CHROME_BROWSER_DOWNLOAD_DOWNLOAD_MANAGER_H__