Replace whitespace at beginning and end of file with hyphens, rather than silently discarding.

net/base/net_util.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/net_util.h"
 
 #include <unicode/regex.h>
 #include <unicode/ucnv.h>
 #include <unicode/uidna.h>
 #include <unicode/ulocdata.h>
@@ skipping 140 matching lines @@
   0xFFFF, // Used to block all invalid port numbers (see
           // third_party/WebKit/Source/WebCore/platform/KURLGoogle.cpp, port())
 };
 
 // FTP overrides the following restricted ports.
 static const int kAllowedFtpPorts[] = {
   21,   // ftp data
   22,   // ssh
 };
 
+// This list should generally match the one in string_util.cc
+const char16 kWhitespaceUTF16[] = {

[jschuh, 2011/08/17 14:38:46]

Seems like we should add missed whitespace characters to the list in
string_util. And since we're going to need to include . characters in our check,
we'll need to make a local string anyway.

+  0x0009, /* <control-0009> to <control-000D> */ \
+  0x000A,                                        \
+  0x000B,                                        \
+  0x000C,                                        \
+  0x000D,                                        \
+  0x0020, /* Space */                            \
+  0x0085, /* <control-0085> */                   \
+  0x00A0, /* No-Break Space */                   \
+  0x1680, /* Ogham Space Mark */                 \
+  0x180E, /* Mongolian Vowel Separator */        \
+  0x2000, /* En Quad to Hair Space */            \
+  0x2001,                                        \
+  0x2002,                                        \
+  0x2003,                                        \
+  0x2004,                                        \
+  0x2005,                                        \
+  0x2006,                                        \
+  0x2007,                                        \
+  0x2008,                                        \
+  0x2009,                                        \
+  0x200A,                                        \
+  0x200C, /* Zero Width Non-Joiner */            \
+  0x2028, /* Line Separator */                   \
+  0x2029, /* Paragraph Separator */              \
+  0x202F, /* Narrow No-Break Space */            \
+  0x205F, /* Medium Mathematical Space */        \
+  0x3000, /* Ideographic Space */                \
+  0
+};
+
+static const char* const kHexString = "0123456789ABCDEF";
+inline char IntToHex(int i) {
+  return kHexString[i & 0xf];
+}
+
+std::string EscapeCharsInString(const std::string& input) {
+  std::string escaped_string;
+
+  escaped_string.reserve(input.length() * 3);
+  for (unsigned int i = 0; i < input.length(); i++) {
+    unsigned char c = static_cast<unsigned char>(input[i]);
+    escaped_string.push_back('%');
+    escaped_string.push_back(IntToHex(c >> 4));
+    escaped_string.push_back(IntToHex(c & 0xf));
+  }
+  return escaped_string;
+}
+
+string16 EscapeCharsInString(const string16& input) {
+  string16 escaped_string;
+
+  escaped_string.reserve(input.length() * 6);
+  for (unsigned int i = 0; i < input.length(); i++) {
+    char16 c = static_cast<char16>(input[i]);
+    escaped_string.push_back('%');
+    escaped_string.push_back('u');
+    escaped_string.push_back(IntToHex(c >> 12));
+    escaped_string.push_back(IntToHex((c >> 8) & 0xf));
+    escaped_string.push_back(IntToHex((c >> 4) & 0xf));
+    escaped_string.push_back(IntToHex(c & 0xf));
+  }
+  return escaped_string;
+}
+
+template<typename STR>
+void EscapeTrimChars(const STR& input,
+                     const typename STR::value_type escape_chars[],
+                     TrimPositions positions,
+                     STR* output) {
+  // Find the edges of leading/trailing whitespace as desired.
+  const typename STR::size_type last_char = input.length() - 1;
+  const typename STR::size_type first_good_char = (positions & TRIM_LEADING) ?
+      input.find_first_not_of(escape_chars) : 0;
+  const typename STR::size_type last_good_char = (positions & TRIM_TRAILING) ?
+      input.find_last_not_of(escape_chars) : last_char;
+  STR temp_string;
+
+  if (input.empty())
+    return;
+
+  if ((first_good_char == STR::npos) || (last_good_char == STR::npos)) {
+    // Escapery magic on whole string
+    return;
+  }
+
+  temp_string = EscapeCharsInString(input.substr(0,first_good_char));
+  temp_string += input.substr(first_good_char, last_good_char -
+                              first_good_char + 1);
+  if (last_good_char < last_char)
+    temp_string += EscapeCharsInString(input.substr(last_good_char+1));
+  *output = temp_string;
+
+  return;
+}
+
 // Similar to Base64Decode. Decodes a Q-encoded string to a sequence
 // of bytes. If input is invalid, return false.
 bool QPDecode(const std::string& input, std::string* output) {
   std::string temp;
   temp.reserve(input.size());
   std::string::const_iterator it = input.begin();
   while (it != input.end()) {
     if (*it == '_') {
       temp.push_back(' ');
     } else if (*it == '=') {
@@ skipping 1227 matching lines @@
     filename = suggested_name;
 
   if (!filename.empty()) {
     // Replace any path information the server may have sent, by changing
     // path separators with underscores.
     ReplaceSubstringsAfterOffset(&filename, 0, "/", "_");
     ReplaceSubstringsAfterOffset(&filename, 0, "\\", "_");
 
     // Next, remove "." from the beginning and end of the file name to avoid
     // tricks with hidden files, "..", and "."
+#if defined(OS_WIN)
+    EscapeTrimChars(filename, ".", TRIM_ALL, &filename);
+#else
     TrimString(filename, ".", &filename);
+#endif
   }
 
   if (filename.empty()) {
     // about: and data: URLs don't have file names, but esp. data: URLs may
     // contain parts that look like ones (i.e., contain a slash).
     // Therefore we don't attempt to divine a file name out of them.
     if (url.SchemeIs("about") || url.SchemeIs("data")) {
       return default_name.empty() ? ASCIIToUTF16(kFinalFallbackName)
                                   : default_name;
     }
@@ skipping 13 matching lines @@
                    &decoded_filename);
       }
 
       filename = decoded_filename;
     }
   }
 
 #if defined(OS_WIN)
   { // Handle CreateFile() stripping trailing dots and spaces on filenames
     // http://support.microsoft.com/kb/115827
-    std::string::size_type pos = filename.find_last_not_of(" .");
-    if (pos == std::string::npos)
-      filename.resize(0);
-    else
-      filename.resize(++pos);
+    EscapeTrimChars(filename, " .", TRIM_TRAILING, &filename);
   }
 #endif
   // Trim '.' once more.
   TrimString(filename, ".", &filename);
 
   // If there's no filename or it gets trimed to be empty, use
   // the URL hostname or default_name
   if (filename.empty()) {
     if (!default_name.empty()) {
       return default_name;
     } else if (url.is_valid()) {
       // Some schemes (e.g. file) do not have a hostname. Even though it's
       // not likely to reach here, let's hardcode the last fallback name.
       // TODO(jungshik) : Decode a 'punycoded' IDN hostname. (bug 1264451)
       filename = url.host().empty() ? kFinalFallbackName : url.host();
     } else {
       NOTREACHED();
     }
   }
 
 #if defined(OS_WIN)
   string16 path = UTF8ToUTF16(filename);
+  // On Windows we want to preserve or replace all characters including
+  // whitespace to prevent file extension obfuscation on trusted websites
+  // e.g. Gmail might think evil.exe. is safe, so we don't want it to become
+  // evil.exe when we download it
+  EscapeTrimChars(path, kWhitespaceUTF16, TRIM_ALL, &path);
   file_util::ReplaceIllegalCharactersInPath(&path, '-');
   return path;
 #else
   std::string path = filename;
   file_util::ReplaceIllegalCharactersInPath(&path, '-');
   return UTF8ToUTF16(path);
 #endif
 }
 
 FilePath GenerateFileName(const GURL& url,
@@ skipping 924 matching lines @@
 
 NetworkInterface::NetworkInterface(const std::string& name,
                                    const IPAddressNumber& address)
     : name(name), address(address) {
 }
 
 NetworkInterface::~NetworkInterface() {
 }
 
 }  // namespace net