| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" | 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/file_util.h" | 8 #include "base/file_util.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "base/rand_util.h" | 10 #include "base/rand_util.h" |
| (...skipping 239 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 250 float progress = 0; | 250 float progress = 0; |
| 251 int download_count = 0; | 251 int download_count = 0; |
| 252 bool progress_known = | 252 bool progress_known = |
| 253 g_browser_process->download_status_updater()->GetProgress( | 253 g_browser_process->download_status_updater()->GetProgress( |
| 254 &progress, &download_count); | 254 &progress, &download_count); |
| 255 download_util::UpdateAppIconDownloadProgress( | 255 download_util::UpdateAppIconDownloadProgress( |
| 256 download_count, progress_known, progress); | 256 download_count, progress_known, progress); |
| 257 } | 257 } |
| 258 | 258 |
| 259 void ChromeDownloadManagerDelegate::CheckDownloadUrlDone( | 259 void ChromeDownloadManagerDelegate::CheckDownloadUrlDone( |
| 260 int32 download_id, bool is_dangerous_url) { | 260 int32 download_id, |
| 261 bool is_dangerous_url) { |
| 261 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 262 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 262 | 263 |
| 263 DownloadItem* download = | 264 DownloadItem* download = |
| 264 download_manager_->GetActiveDownloadItem(download_id); | 265 download_manager_->GetActiveDownloadItem(download_id); |
| 265 if (!download) | 266 if (!download) |
| 266 return; | 267 return; |
| 267 | 268 |
| 268 if (is_dangerous_url) | 269 if (is_dangerous_url) |
| 269 download->MarkUrlDangerous(); | 270 download->MarkUrlDangerous(); |
| 270 | 271 |
| 271 download_history_->CheckVisitedReferrerBefore( | 272 download_history_->CheckVisitedReferrerBefore(download_id, |
| 272 download_id, | 273 download->referrer_url(), NewCallback(this, |
| 273 download->referrer_url(), | |
| 274 NewCallback(this, | |
| 275 &ChromeDownloadManagerDelegate::CheckVisitedReferrerBeforeDone)); | 274 &ChromeDownloadManagerDelegate::CheckVisitedReferrerBeforeDone)); |
| 276 } | 275 } |
| 277 | 276 |
| 278 // NotificationObserver implementation. | 277 // NotificationObserver implementation. |
| 279 void ChromeDownloadManagerDelegate::Observe( | 278 void ChromeDownloadManagerDelegate::Observe( |
| 280 int type, | 279 int type, |
| 281 const NotificationSource& source, | 280 const NotificationSource& source, |
| 282 const NotificationDetails& details) { | 281 const NotificationDetails& details) { |
| 283 DCHECK(type == chrome::NOTIFICATION_CRX_INSTALLER_DONE); | 282 DCHECK(type == chrome::NOTIFICATION_CRX_INSTALLER_DONE); |
| 284 | 283 |
| (...skipping 182 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 467 download_manager_->RestartDownload(download_id); | 466 download_manager_->RestartDownload(download_id); |
| 468 } | 467 } |
| 469 | 468 |
| 470 // TODO(phajdan.jr): This is apparently not being exercised in tests. | 469 // TODO(phajdan.jr): This is apparently not being exercised in tests. |
| 471 bool ChromeDownloadManagerDelegate::IsDangerousFile( | 470 bool ChromeDownloadManagerDelegate::IsDangerousFile( |
| 472 const DownloadItem& download, | 471 const DownloadItem& download, |
| 473 const DownloadStateInfo& state, | 472 const DownloadStateInfo& state, |
| 474 bool visited_referrer_before) { | 473 bool visited_referrer_before) { |
| 475 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 474 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 476 | 475 |
| 477 bool auto_open = ShouldOpenFileBasedOnExtension(state.suggested_path); | 476 // Anything loaded directly from the address bar is OK. |
| 478 download_util::DownloadDangerLevel danger_level = | 477 if (state.transition_type & PageTransition::FROM_ADDRESS_BAR) |
| 479 download_util::GetFileDangerLevel(state.suggested_path.BaseName()); | 478 return false; |
| 480 | 479 |
| 481 if (danger_level == download_util::Dangerous) | 480 // Extensions that are not from the gallery are considered dangerous. |
| 482 return !(auto_open && state.has_user_gesture); | |
| 483 | |
| 484 if (danger_level == download_util::AllowOnUserGesture && | |
| 485 (!state.has_user_gesture || !visited_referrer_before)) | |
| 486 return true; | |
| 487 | |
| 488 if (IsExtensionDownload(&download)) { | 481 if (IsExtensionDownload(&download)) { |
| 489 // Extensions that are not from the gallery are considered dangerous. | |
| 490 ExtensionService* service = profile_->GetExtensionService(); | 482 ExtensionService* service = profile_->GetExtensionService(); |
| 491 if (!service || !service->IsDownloadFromGallery(download.GetURL(), | 483 if (!service || !service->IsDownloadFromGallery(download.GetURL(), |
| 492 download.referrer_url())) | 484 download.referrer_url())) |
| 493 return true; | 485 return true; |
| 494 } | 486 } |
| 495 return false; | 487 |
| 488 // Anything the user has marked auto-open is OK if it's user-initiated. |
| 489 if (ShouldOpenFileBasedOnExtension(state.suggested_path) && |
| 490 state.has_user_gesture) |
| 491 return false; |
| 492 |
| 493 // "Allow on user gesture" is OK when we have a user gesture and the hosting |
| 494 // page has been visited before today. |
| 495 download_util::DownloadDangerLevel danger_level = |
| 496 download_util::GetFileDangerLevel(state.suggested_path.BaseName()); |
| 497 if (danger_level == download_util::AllowOnUserGesture) |
| 498 return !state.has_user_gesture || !visited_referrer_before; |
| 499 |
| 500 return danger_level == download_util::Dangerous; |
| 496 } | 501 } |
| 497 | 502 |
| 498 void ChromeDownloadManagerDelegate::OnItemAddedToPersistentStore( | 503 void ChromeDownloadManagerDelegate::OnItemAddedToPersistentStore( |
| 499 int32 download_id, int64 db_handle) { | 504 int32 download_id, int64 db_handle) { |
| 500 // It's not immediately obvious, but HistoryBackend::CreateDownload() can | 505 // It's not immediately obvious, but HistoryBackend::CreateDownload() can |
| 501 // call this function with an invalid |db_handle|. For instance, this can | 506 // call this function with an invalid |db_handle|. For instance, this can |
| 502 // happen when the history database is offline. We cannot have multiple | 507 // happen when the history database is offline. We cannot have multiple |
| 503 // DownloadItems with the same invalid db_handle, so we need to assign a | 508 // DownloadItems with the same invalid db_handle, so we need to assign a |
| 504 // unique |db_handle| here. | 509 // unique |db_handle| here. |
| 505 if (db_handle == DownloadItem::kUninitializedHandle) | 510 if (db_handle == DownloadItem::kUninitializedHandle) |
| 506 db_handle = download_history_->GetNextFakeDbHandle(); | 511 db_handle = download_history_->GetNextFakeDbHandle(); |
| 507 download_manager_->OnItemAddedToPersistentStore(download_id, db_handle); | 512 download_manager_->OnItemAddedToPersistentStore(download_id, db_handle); |
| 508 } | 513 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7624031:
Treat files downloaded from the address bar as "always safe" (including extensions per discussion... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/