OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "webkit/database/database_util.h" | 5 #include "webkit/database/database_util.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/utf_string_conversions.h" | 8 #include "base/utf_string_conversions.h" |
9 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" | 9 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" |
10 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" | 10 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" |
11 #include "webkit/database/database_tracker.h" | 11 #include "webkit/database/database_tracker.h" |
12 #include "webkit/database/vfs_backend.h" | 12 #include "webkit/database/vfs_backend.h" |
13 | 13 |
14 namespace webkit_database { | 14 namespace webkit_database { |
15 | 15 |
16 const char DatabaseUtil::kJournalFileSuffix[] = "-journal"; | 16 const char DatabaseUtil::kJournalFileSuffix[] = "-journal"; |
17 | 17 |
18 bool DatabaseUtil::CrackVfsFileName(const string16& vfs_file_name, | 18 bool DatabaseUtil::CrackVfsFileName(const base::string16& vfs_file_name, |
19 string16* origin_identifier, | 19 base::string16* origin_identifier, |
20 string16* database_name, | 20 base::string16* database_name, |
21 string16* sqlite_suffix) { | 21 base::string16* sqlite_suffix) { |
22 // 'vfs_file_name' is of the form <origin_identifier>/<db_name>#<suffix>. | 22 // 'vfs_file_name' is of the form <origin_identifier>/<db_name>#<suffix>. |
23 // <suffix> is optional. | 23 // <suffix> is optional. |
24 DCHECK(!vfs_file_name.empty()); | 24 DCHECK(!vfs_file_name.empty()); |
25 size_t first_slash_index = vfs_file_name.find('/'); | 25 size_t first_slash_index = vfs_file_name.find('/'); |
26 size_t last_pound_index = vfs_file_name.rfind('#'); | 26 size_t last_pound_index = vfs_file_name.rfind('#'); |
27 // '/' and '#' must be present in the string. Also, the string cannot start | 27 // '/' and '#' must be present in the string. Also, the string cannot start |
28 // with a '/' (origin_identifier cannot be empty) and '/' must come before '#' | 28 // with a '/' (origin_identifier cannot be empty) and '/' must come before '#' |
29 if ((first_slash_index == string16::npos) || | 29 if ((first_slash_index == base::string16::npos) || |
30 (last_pound_index == string16::npos) || | 30 (last_pound_index == base::string16::npos) || |
31 (first_slash_index == 0) || | 31 (first_slash_index == 0) || |
32 (first_slash_index > last_pound_index)) { | 32 (first_slash_index > last_pound_index)) { |
33 return false; | 33 return false; |
34 } | 34 } |
35 | 35 |
36 if (origin_identifier) | 36 if (origin_identifier) |
37 *origin_identifier = vfs_file_name.substr(0, first_slash_index); | 37 *origin_identifier = vfs_file_name.substr(0, first_slash_index); |
38 if (database_name) { | 38 if (database_name) { |
39 *database_name = vfs_file_name.substr( | 39 *database_name = vfs_file_name.substr( |
40 first_slash_index + 1, last_pound_index - first_slash_index - 1); | 40 first_slash_index + 1, last_pound_index - first_slash_index - 1); |
41 } | 41 } |
42 if (sqlite_suffix) { | 42 if (sqlite_suffix) { |
43 *sqlite_suffix = vfs_file_name.substr( | 43 *sqlite_suffix = vfs_file_name.substr( |
44 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); | 44 last_pound_index + 1, vfs_file_name.length() - last_pound_index - 1); |
45 } | 45 } |
46 return true; | 46 return true; |
47 } | 47 } |
48 | 48 |
49 base::FilePath DatabaseUtil::GetFullFilePathForVfsFile( | 49 base::FilePath DatabaseUtil::GetFullFilePathForVfsFile( |
50 DatabaseTracker* db_tracker, const string16& vfs_file_name) { | 50 DatabaseTracker* db_tracker, const base::string16& vfs_file_name) { |
51 string16 origin_identifier; | 51 base::string16 origin_identifier; |
52 string16 database_name; | 52 base::string16 database_name; |
53 string16 sqlite_suffix; | 53 base::string16 sqlite_suffix; |
54 if (!CrackVfsFileName(vfs_file_name, &origin_identifier, | 54 if (!CrackVfsFileName(vfs_file_name, &origin_identifier, |
55 &database_name, &sqlite_suffix)) { | 55 &database_name, &sqlite_suffix)) { |
56 return base::FilePath(); // invalid vfs_file_name | 56 return base::FilePath(); // invalid vfs_file_name |
57 } | 57 } |
58 | 58 |
59 base::FilePath full_path = db_tracker->GetFullDBFilePath( | 59 base::FilePath full_path = db_tracker->GetFullDBFilePath( |
60 origin_identifier, database_name); | 60 origin_identifier, database_name); |
61 if (!full_path.empty() && !sqlite_suffix.empty()) { | 61 if (!full_path.empty() && !sqlite_suffix.empty()) { |
62 DCHECK(full_path.Extension().empty()); | 62 DCHECK(full_path.Extension().empty()); |
63 full_path = full_path.InsertBeforeExtensionASCII( | 63 full_path = full_path.InsertBeforeExtensionASCII( |
64 UTF16ToASCII(sqlite_suffix)); | 64 UTF16ToASCII(sqlite_suffix)); |
65 } | 65 } |
66 // Watch out for directory traversal attempts from a compromised renderer. | 66 // Watch out for directory traversal attempts from a compromised renderer. |
67 if (full_path.value().find(FILE_PATH_LITERAL("..")) != | 67 if (full_path.value().find(FILE_PATH_LITERAL("..")) != |
68 base::FilePath::StringType::npos) | 68 base::FilePath::StringType::npos) |
69 return base::FilePath(); | 69 return base::FilePath(); |
70 return full_path; | 70 return full_path; |
71 } | 71 } |
72 | 72 |
73 string16 DatabaseUtil::GetOriginIdentifier(const GURL& url) { | 73 base::string16 DatabaseUtil::GetOriginIdentifier(const GURL& url) { |
74 string16 spec = UTF8ToUTF16(url.spec()); | 74 base::string16 spec = UTF8ToUTF16(url.spec()); |
75 return WebKit::WebSecurityOrigin::createFromString(spec).databaseIdentifier(); | 75 return WebKit::WebSecurityOrigin::createFromString(spec).databaseIdentifier(); |
76 } | 76 } |
77 | 77 |
78 GURL DatabaseUtil::GetOriginFromIdentifier(const string16& origin_identifier) { | 78 GURL DatabaseUtil::GetOriginFromIdentifier( |
| 79 const base::string16& origin_identifier) { |
79 WebKit::WebSecurityOrigin web_security_origin = | 80 WebKit::WebSecurityOrigin web_security_origin = |
80 WebKit::WebSecurityOrigin::createFromDatabaseIdentifier( | 81 WebKit::WebSecurityOrigin::createFromDatabaseIdentifier( |
81 origin_identifier); | 82 origin_identifier); |
82 | 83 |
83 // We need this work-around for file:/// URIs as | 84 // We need this work-around for file:/// URIs as |
84 // createFromDatabaseIdentifier returns null origin_url for them. | 85 // createFromDatabaseIdentifier returns null origin_url for them. |
85 if (web_security_origin.isUnique()) { | 86 if (web_security_origin.isUnique()) { |
86 if (origin_identifier.find(UTF8ToUTF16("file__")) == 0) | 87 if (origin_identifier.find(UTF8ToUTF16("file__")) == 0) |
87 return GURL("file:///"); | 88 return GURL("file:///"); |
88 return GURL(); | 89 return GURL(); |
89 } | 90 } |
90 | 91 |
91 return GURL(web_security_origin.toString()); | 92 return GURL(web_security_origin.toString()); |
92 } | 93 } |
93 | 94 |
94 bool DatabaseUtil::IsValidOriginIdentifier(const string16& origin_identifier) { | 95 bool DatabaseUtil::IsValidOriginIdentifier( |
95 string16 dotdot = ASCIIToUTF16(".."); | 96 const base::string16& origin_identifier) { |
| 97 base::string16 dotdot = ASCIIToUTF16(".."); |
96 char16 forbidden[] = {'\\', '/', '\0'}; | 98 char16 forbidden[] = {'\\', '/', '\0'}; |
97 | 99 |
98 string16::size_type pos = origin_identifier.find(dotdot); | 100 base::string16::size_type pos = origin_identifier.find(dotdot); |
99 if (pos == string16::npos) | 101 if (pos == base::string16::npos) |
100 pos = origin_identifier.find_first_of(forbidden, 0, arraysize(forbidden)); | 102 pos = origin_identifier.find_first_of(forbidden, 0, arraysize(forbidden)); |
101 | 103 |
102 return pos == string16::npos; | 104 return pos == base::string16::npos; |
103 } | 105 } |
104 | 106 |
105 } // namespace webkit_database | 107 } // namespace webkit_database |
OLD | NEW |