Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(514)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webkit/fileapi/file_system_operation.cc

Issue 6810037: File API changes needed for safely passing user selected file entities from the file browser comp... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« webkit/fileapi/file_system_context_unittest.cc ('K') | « webkit/fileapi/file_system_mount_point_provider.h ('k') | webkit/fileapi/file_system_path_manager.h » ('j') | webkit/fileapi/file_system_path_manager_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "webkit/fileapi/file_system_operation.h" 5 #include "webkit/fileapi/file_system_operation.h"
6 6
7 #include "base/time.h" 7 #include "base/time.h"
8 #include "base/utf_string_conversions.h" 8 #include "base/utf_string_conversions.h"
9 #include "net/base/escape.h" 9 #include "net/base/escape.h"
10 #include "net/url_request/url_request_context.h" 10 #include "net/url_request/url_request_context.h"
(...skipping 552 matching lines...) Expand 10 before | Expand all | Expand 10 after
563 return true; 563 return true;
564 } 564 }
565 565
566 // We may want do more checks, but for now it just checks if the given 566 // We may want do more checks, but for now it just checks if the given
567 // URL is valid. 567 // URL is valid.
568 if (!CrackFileSystemURL(path, origin_url, type, virtual_path)) { 568 if (!CrackFileSystemURL(path, origin_url, type, virtual_path)) {
569 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 569 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
570 return false; 570 return false;
571 } 571 }
572 if (!file_system_context()->path_manager()->IsAllowedFileSystemType( 572 if (!file_system_context()->path_manager()->IsAllowedFileSystemType(
573 *origin_url, *type)) { 573 *origin_url, *type, *virtual_path)) {
574 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 574 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
575 return false; 575 return false;
576 } 576 }
577 577
578 return true; 578 return true;
579 } 579 }
580 580
581 bool FileSystemOperation::VerifyFileSystemPathForWrite( 581 bool FileSystemOperation::VerifyFileSystemPathForWrite(
582 const GURL& path, bool create, GURL* origin_url, FileSystemType* type, 582 const GURL& path, bool create, GURL* origin_url, FileSystemType* type,
583 FilePath* virtual_path) { 583 FilePath* virtual_path) {
(...skipping 16 matching lines...) Expand all
600 *type = file_system_operation_context_.dest_type(); 600 *type = file_system_operation_context_.dest_type();
601 *origin_url = file_system_operation_context_.dest_origin_url(); 601 *origin_url = file_system_operation_context_.dest_origin_url();
602 return true; 602 return true;
603 } 603 }
604 604
605 if (!CrackFileSystemURL(path, origin_url, type, virtual_path)) { 605 if (!CrackFileSystemURL(path, origin_url, type, virtual_path)) {
606 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 606 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
607 return false; 607 return false;
608 } 608 }
609 if (!file_system_context()->path_manager()->IsAllowedFileSystemType( 609 if (!file_system_context()->path_manager()->IsAllowedFileSystemType(
610 *origin_url, *type)) { 610 *origin_url, *type, *virtual_path)) {
611 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 611 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
612 return false; 612 return false;
613 } 613 }
614 // Any write access is disallowed on the root path. 614 // Any write access is disallowed on the root path.
615 if (virtual_path->value().length() == 0 || 615 if (virtual_path->value().length() == 0 ||
616 virtual_path->DirName().value() == virtual_path->value()) { 616 virtual_path->DirName().value() == virtual_path->value()) {
617 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 617 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
618 return false; 618 return false;
619 } 619 }
620 if (create && file_system_context()->path_manager()->IsRestrictedFileName( 620 if (create && file_system_context()->path_manager()->IsRestrictedFileName(
621 *type, virtual_path->BaseName())) { 621 *type, virtual_path->BaseName())) {
622 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); 622 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_SECURITY);
623 return false; 623 return false;
624 } 624 }
625 // TODO(kinuko): the check must be moved to QuotaFileSystemFileUtil. 625 // TODO(kinuko): the check must be moved to QuotaFileSystemFileUtil.
626 if (!file_system_context()->IsStorageUnlimited(*origin_url)) { 626 if (!file_system_context()->IsStorageUnlimited(*origin_url)) {
627 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_NO_SPACE); 627 dispatcher_->DidFail(base::PLATFORM_FILE_ERROR_NO_SPACE);
628 return false; 628 return false;
629 } 629 }
630 return true; 630 return true;
631 } 631 }
632 632
633 } // namespace fileapi 633 } // namespace fileapi
OLDNEW
« webkit/fileapi/file_system_context_unittest.cc ('K') | « webkit/fileapi/file_system_mount_point_provider.h ('k') | webkit/fileapi/file_system_path_manager.h » ('j') | webkit/fileapi/file_system_path_manager_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698