OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "webkit/database/database_util.h" | 5 #include "webkit/database/database_util.h" |
6 | 6 |
7 #include "base/utf_string_conversions.h" | 7 #include "base/utf_string_conversions.h" |
8 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" | 8 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" |
9 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" | 9 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" |
10 #include "webkit/database/database_tracker.h" | 10 #include "webkit/database/database_tracker.h" |
(...skipping 27 matching lines...) Expand all Loading... |
38 *database_name = vfs_file_name.substr( | 38 *database_name = vfs_file_name.substr( |
39 first_slash_index + 1, last_pound_index - first_slash_index - 1); | 39 first_slash_index + 1, last_pound_index - first_slash_index - 1); |
40 } | 40 } |
41 if (sqlite_suffix) { | 41 if (sqlite_suffix) { |
42 *sqlite_suffix = vfs_file_name.substr( | 42 *sqlite_suffix = vfs_file_name.substr( |
43 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); | 43 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); |
44 } | 44 } |
45 return true; | 45 return true; |
46 } | 46 } |
47 | 47 |
48 FilePath DatabaseUtil::GetFullFilePathForVfsFile( | 48 base::FilePath DatabaseUtil::GetFullFilePathForVfsFile( |
49 DatabaseTracker* db_tracker, const string16& vfs_file_name) { | 49 DatabaseTracker* db_tracker, const string16& vfs_file_name) { |
50 string16 origin_identifier; | 50 string16 origin_identifier; |
51 string16 database_name; | 51 string16 database_name; |
52 string16 sqlite_suffix; | 52 string16 sqlite_suffix; |
53 if (!CrackVfsFileName(vfs_file_name, &origin_identifier, | 53 if (!CrackVfsFileName(vfs_file_name, &origin_identifier, |
54 &database_name, &sqlite_suffix)) { | 54 &database_name, &sqlite_suffix)) { |
55 return FilePath(); // invalid vfs_file_name | 55 return base::FilePath(); // invalid vfs_file_name |
56 } | 56 } |
57 | 57 |
58 FilePath full_path = db_tracker->GetFullDBFilePath( | 58 base::FilePath full_path = db_tracker->GetFullDBFilePath( |
59 origin_identifier, database_name); | 59 origin_identifier, database_name); |
60 if (!full_path.empty() && !sqlite_suffix.empty()) { | 60 if (!full_path.empty() && !sqlite_suffix.empty()) { |
61 DCHECK(full_path.Extension().empty()); | 61 DCHECK(full_path.Extension().empty()); |
62 full_path = full_path.InsertBeforeExtensionASCII( | 62 full_path = full_path.InsertBeforeExtensionASCII( |
63 UTF16ToASCII(sqlite_suffix)); | 63 UTF16ToASCII(sqlite_suffix)); |
64 } | 64 } |
65 // Watch out for directory traversal attempts from a compromised renderer. | 65 // Watch out for directory traversal attempts from a compromised renderer. |
66 if (full_path.value().find(FILE_PATH_LITERAL("..")) != | 66 if (full_path.value().find(FILE_PATH_LITERAL("..")) != |
67 FilePath::StringType::npos) | 67 base::FilePath::StringType::npos) |
68 return FilePath(); | 68 return base::FilePath(); |
69 return full_path; | 69 return full_path; |
70 } | 70 } |
71 | 71 |
72 string16 DatabaseUtil::GetOriginIdentifier(const GURL& url) { | 72 string16 DatabaseUtil::GetOriginIdentifier(const GURL& url) { |
73 string16 spec = UTF8ToUTF16(url.spec()); | 73 string16 spec = UTF8ToUTF16(url.spec()); |
74 return WebKit::WebSecurityOrigin::createFromString(spec).databaseIdentifier(); | 74 return WebKit::WebSecurityOrigin::createFromString(spec).databaseIdentifier(); |
75 } | 75 } |
76 | 76 |
77 GURL DatabaseUtil::GetOriginFromIdentifier(const string16& origin_identifier) { | 77 GURL DatabaseUtil::GetOriginFromIdentifier(const string16& origin_identifier) { |
78 WebKit::WebSecurityOrigin web_security_origin = | 78 WebKit::WebSecurityOrigin web_security_origin = |
79 WebKit::WebSecurityOrigin::createFromDatabaseIdentifier( | 79 WebKit::WebSecurityOrigin::createFromDatabaseIdentifier( |
80 origin_identifier); | 80 origin_identifier); |
81 | 81 |
82 // We need this work-around for file:/// URIs as | 82 // We need this work-around for file:/// URIs as |
83 // createFromDatabaseIdentifier returns null origin_url for them. | 83 // createFromDatabaseIdentifier returns null origin_url for them. |
84 if (web_security_origin.isUnique()) { | 84 if (web_security_origin.isUnique()) { |
85 if (origin_identifier.find(UTF8ToUTF16("file__")) == 0) | 85 if (origin_identifier.find(UTF8ToUTF16("file__")) == 0) |
86 return GURL("file:///"); | 86 return GURL("file:///"); |
87 return GURL(); | 87 return GURL(); |
88 } | 88 } |
89 | 89 |
90 return GURL(web_security_origin.toString()); | 90 return GURL(web_security_origin.toString()); |
91 } | 91 } |
92 | 92 |
93 } // namespace webkit_database | 93 } // namespace webkit_database |
OLD | NEW |