| Index: net/base/net_util.cc
|
| diff --git a/net/base/net_util.cc b/net/base/net_util.cc
|
| index 097da238ed2acf6d2ba5123f8ddab72a5fe57d93..ef8eb534d12792c4ae76978f1425470acce9cd00 100644
|
| --- a/net/base/net_util.cc
|
| +++ b/net/base/net_util.cc
|
| @@ -64,6 +64,7 @@
|
| #include "grit/net_resources.h"
|
| #include "net/base/dns_util.h"
|
| #include "net/base/escape.h"
|
| +#include "net/base/mime_util.h"
|
| #include "net/base/net_module.h"
|
| #if defined(OS_WIN)
|
| #include "net/base/winsock_init.h"
|
| @@ -921,6 +922,112 @@ char* do_strdup(const char* src) {
|
| #endif
|
| }
|
|
|
| +#if defined(OS_WIN)
|
| +// Returns whether the specified extension is automatically integrated into the
|
| +// windows shell.
|
| +bool IsShellIntegratedExtension(const string16& extension) {
|
| + string16 extension_lower = StringToLowerASCII(extension);
|
| +
|
| + static const wchar_t* const integrated_extensions[] = {
|
| + // See <http://msdn.microsoft.com/en-us/library/ms811694.aspx>.
|
| + L"local",
|
| + // Right-clicking on shortcuts can be magical.
|
| + L"lnk",
|
| + };
|
| +
|
| + for (int i = 0; i < arraysize(integrated_extensions); ++i) {
|
| + if (extension_lower == integrated_extensions[i])
|
| + return true;
|
| + }
|
| +
|
| + // See <http://www.juniper.net/security/auto/vulnerabilities/vuln2612.html>.
|
| + // That vulnerability report is not exactly on point, but files become magical
|
| + // if their end in a CLSID. Here we block extensions that look like CLSIDs.
|
| + if (!extension_lower.empty() && extension_lower[0] == L'{' &&
|
| + extension_lower[extension_lower.length() - 1] == L'}')
|
| + return true;
|
| +
|
| + return false;
|
| +}
|
| +
|
| +// Returns whether the specified file name is a reserved name on windows.
|
| +// This includes names like "com2.zip" (which correspond to devices) and
|
| +// desktop.ini and thumbs.db which have special meaning to the windows shell.
|
| +bool IsReservedName(const string16& filename) {
|
| + // This list is taken from the MSDN article "Naming a file"
|
| + // http://msdn2.microsoft.com/en-us/library/aa365247(VS.85).aspx
|
| + // I also added clock$ because GetSaveFileName seems to consider it as a
|
| + // reserved name too.
|
| + static const wchar_t* const known_devices[] = {
|
| + L"con", L"prn", L"aux", L"nul", L"com1", L"com2", L"com3", L"com4", L"com5",
|
| + L"com6", L"com7", L"com8", L"com9", L"lpt1", L"lpt2", L"lpt3", L"lpt4",
|
| + L"lpt5", L"lpt6", L"lpt7", L"lpt8", L"lpt9", L"clock$"
|
| + };
|
| + string16 filename_lower = StringToLowerASCII(filename);
|
| +
|
| + for (int i = 0; i < arraysize(known_devices); ++i) {
|
| + // Exact match.
|
| + if (filename_lower == known_devices[i])
|
| + return true;
|
| + // Starts with "DEVICE.".
|
| + if (filename_lower.find(string16(known_devices[i]) + L".") == 0)
|
| + return true;
|
| + }
|
| +
|
| + static const wchar_t* const magic_names[] = {
|
| + // These file names are used by the "Customize folder" feature of the shell.
|
| + L"desktop.ini",
|
| + L"thumbs.db",
|
| + };
|
| +
|
| + for (int i = 0; i < arraysize(magic_names); ++i) {
|
| + if (filename_lower == magic_names[i])
|
| + return true;
|
| + }
|
| +
|
| + return false;
|
| +}
|
| +#endif // OS_WIN
|
| +
|
| +void GenerateSafeExtension(const std::string& mime_type, FilePath* file_name) {
|
| + // We're worried about two things here:
|
| + //
|
| + // 1) Usability. If the site fails to provide a file extension, we want to
|
| + // guess a reasonable file extension based on the content type.
|
| + //
|
| + // 2) Shell integration. Some file extensions automatically integrate with
|
| + // the shell. We block these extensions to prevent a malicious web site
|
| + // from integrating with the user's shell.
|
| +
|
| + // See if our file name already contains an extension.
|
| + FilePath::StringType extension = file_name->Extension();
|
| + if (!extension.empty())
|
| + extension.erase(extension.begin()); // Erase preceding '.'.
|
| +
|
| +#if defined(OS_WIN)
|
| + static const FilePath::CharType default_extension[] =
|
| + FILE_PATH_LITERAL("download");
|
| +
|
| + // Rename shell-integrated extensions.
|
| + // TODO(asanka): Consider stripping out the bad extension and replacing it
|
| + // with the preferred extension for the MIME type if one is available.
|
| + if (IsShellIntegratedExtension(extension))
|
| + extension.assign(default_extension);
|
| +#endif
|
| +
|
| + if (extension.empty() && !mime_type.empty()) {
|
| + // The GetPreferredExtensionForMimeType call will end up going to disk. Do
|
| + // this on another thread to avoid slowing the IO thread.
|
| + // http://crbug.com/61827
|
| + // TODO(asanka): Remove this ScopedAllowIO once all callers have switched
|
| + // over to IO safe threads.
|
| + base::ThreadRestrictions::ScopedAllowIO allow_io;
|
| + net::GetPreferredExtensionForMimeType(mime_type, &extension);
|
| + }
|
| +
|
| + *file_name = file_name->ReplaceExtension(extension);
|
| +}
|
| +
|
| } // namespace
|
|
|
| const FormatUrlType kFormatUrlOmitNothing = 0;
|
| @@ -968,7 +1075,7 @@ GURL FilePathToFileURL(const FilePath& path) {
|
| }
|
|
|
| std::string GetSpecificHeader(const std::string& headers,
|
| - const std::string& name) {
|
| + const std::string& name) {
|
| // We want to grab the Value from the "Key: Value" pairs in the headers,
|
| // which should look like this (no leading spaces, \n-separated) (we format
|
| // them this way in url_request_inet.cc):
|
| @@ -1248,6 +1355,26 @@ string16 StripWWW(const string16& text) {
|
| return StartsWith(text, www, true) ? text.substr(www.length()) : text;
|
| }
|
|
|
| +void GenerateSafeFileName(const std::string& mime_type, FilePath* file_path) {
|
| + // Make sure we get the right file extension
|
| + GenerateSafeExtension(mime_type, file_path);
|
| +
|
| +#if defined(OS_WIN)
|
| + // Prepend "_" to the file name if it's a reserved name
|
| + FilePath::StringType leaf_name = file_path->BaseName().value();
|
| + DCHECK(!leaf_name.empty());
|
| + if (IsReservedName(leaf_name)) {
|
| + leaf_name = FilePath::StringType(FILE_PATH_LITERAL("_")) + leaf_name;
|
| + *file_path = file_path->DirName();
|
| + if (file_path->value() == FilePath::kCurrentDirectory) {
|
| + *file_path = FilePath(leaf_name);
|
| + } else {
|
| + *file_path = file_path->Append(leaf_name);
|
| + }
|
| + }
|
| +#endif
|
| +}
|
| +
|
| string16 GetSuggestedFilename(const GURL& url,
|
| const std::string& content_disposition,
|
| const std::string& referrer_charset,
|
| @@ -1348,6 +1475,35 @@ string16 GetSuggestedFilename(const GURL& url,
|
| #endif
|
| }
|
|
|
| +FilePath GenerateFileName(const GURL& url,
|
| + const std::string& content_disposition,
|
| + const std::string& referrer_charset,
|
| + const std::string& suggested_name,
|
| + const std::string& mime_type,
|
| + const string16& default_file_name) {
|
| + string16 new_name = GetSuggestedFilename(GURL(url),
|
| + content_disposition,
|
| + referrer_charset,
|
| + suggested_name,
|
| + default_file_name);
|
| +
|
| + // TODO(evan): this code is totally wrong -- we should just generate
|
| + // Unicode filenames and do all this encoding switching at the end.
|
| + // However, I'm just shuffling wrong code around, at least not adding
|
| + // to it.
|
| +#if defined(OS_WIN)
|
| + FilePath generated_name = FilePath(new_name);
|
| +#else
|
| + FilePath generated_name = FilePath(
|
| + base::SysWideToNativeMB(UTF16ToWide(new_name)));
|
| +#endif
|
| +
|
| + DCHECK(!generated_name.empty());
|
| +
|
| + GenerateSafeFileName(mime_type, &generated_name);
|
| + return generated_name;
|
| +}
|
| +
|
| bool IsPortAllowedByDefault(int port) {
|
| int array_size = arraysize(kRestrictedPorts);
|
| for (int i = 0; i < array_size; i++) {
|
|
|
Chromium Code Reviews
Issue 7300005:
Move filename determination to net_util (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src