| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <set> | 5 #include <set> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "chrome/browser/download/download_extensions.h" | 8 #include "chrome/browser/download/download_extensions.h" |
| 9 | 9 |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 60 | 60 |
| 61 // Flash files downloaded locally can sometimes access the local filesystem. | 61 // Flash files downloaded locally can sometimes access the local filesystem. |
| 62 {"swf", DANGEROUS, DISALLOW_AUTO_OPEN}, | 62 {"swf", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 63 {"spl", DANGEROUS, DISALLOW_AUTO_OPEN}, | 63 {"spl", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 64 | 64 |
| 65 // Chrome extensions should be obtained through the web store. Allowed to | 65 // Chrome extensions should be obtained through the web store. Allowed to |
| 66 // open automatically because Chrome displays a prompt prior to | 66 // open automatically because Chrome displays a prompt prior to |
| 67 // installation. | 67 // installation. |
| 68 {"crx", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 68 {"crx", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 69 | 69 |
| 70 // Included for parity with kSafeBrowsingFileTypes. |
| 71 {"bin", NOT_DANGEROUS, ALLOW_AUTO_OPEN}, |
| 72 |
| 70 // Windows, all file categories. The list is in alphabetical order of | 73 // Windows, all file categories. The list is in alphabetical order of |
| 71 // extensions. Exceptions are made for logical groupings of file types. | 74 // extensions. Exceptions are made for logical groupings of file types. |
| 72 // | 75 // |
| 73 // Some file descriptions are based on | 76 // Some file descriptions are based on |
| 74 // https://support.office.com/article/Blocked-attachments-in-Outlook-3811cdd
c-17c3-4279-a30c-060ba0207372 | 77 // https://support.office.com/article/Blocked-attachments-in-Outlook-3811cdd
c-17c3-4279-a30c-060ba0207372 |
| 75 #if defined(OS_WIN) | 78 #if defined(OS_WIN) |
| 76 {"ad", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 79 {"ad", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 77 | 80 |
| 78 // Microsoft Access related. | 81 // Microsoft Access related. |
| 79 {"ade", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Project extension | 82 {"ade", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Project extension |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 165 | 168 |
| 166 // Device installation information. | 169 // Device installation information. |
| 167 {"inf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 170 {"inf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 168 | 171 |
| 169 // Generic configuration file. | 172 // Generic configuration file. |
| 170 {"ini", DANGEROUS, ALLOW_AUTO_OPEN}, | 173 {"ini", DANGEROUS, ALLOW_AUTO_OPEN}, |
| 171 | 174 |
| 172 // Microsoft IIS Internet Communication Settings. | 175 // Microsoft IIS Internet Communication Settings. |
| 173 {"ins", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 176 {"ins", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 174 | 177 |
| 178 // InstallShield Compiled Script. |
| 179 {"inx", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 180 |
| 181 // InstallShield Uninstaller Script. |
| 182 {"isu", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 183 |
| 175 // Microsoft IIS Internet Service Provider Settings. | 184 // Microsoft IIS Internet Service Provider Settings. |
| 176 {"isp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 185 {"isp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 177 | 186 |
| 187 // Windows Task Scheduler Job file. No handler is registered by default, so |
| 188 // this is probably normally not dangerous unless saved into the task |
| 189 // scheduler directory. |
| 190 {"job", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 191 |
| 178 // JavaScript file. May open using Windows Script Host with user level | 192 // JavaScript file. May open using Windows Script Host with user level |
| 179 // privileges. | 193 // privileges. |
| 180 {"js", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 194 {"js", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 181 | 195 |
| 182 // JScript encoded script file. Usually produced by running Microsoft Script | 196 // JScript encoded script file. Usually produced by running Microsoft Script |
| 183 // Encoder over a .js file. | 197 // Encoder over a .js file. |
| 184 // See https://msdn.microsoft.com/library/d14c8zsc.aspx | 198 // See https://msdn.microsoft.com/library/d14c8zsc.aspx |
| 185 {"jse", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 199 {"jse", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 186 | 200 |
| 187 // Shortcuts. May open anything. | 201 // Shortcuts. May open anything. |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 221 {"msi", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 235 {"msi", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 222 {"msp", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 236 {"msp", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 223 {"mst", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 237 {"mst", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 224 | 238 |
| 225 // ActiveX Control. | 239 // ActiveX Control. |
| 226 {"ocx", DANGEROUS, DISALLOW_AUTO_OPEN}, | 240 {"ocx", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 227 | 241 |
| 228 // Microsoft Office Profile Settings File. | 242 // Microsoft Office Profile Settings File. |
| 229 {"ops", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 243 {"ops", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 230 | 244 |
| 245 // Portable Application Installer File. |
| 246 {"paf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 247 |
| 248 // Extensions that will open in IE even when chrome is set as default |
| 249 // browser. |
| 250 {"partial", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 251 {"xrm-ms", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 252 {"svg", NOT_DANGEROUS, ALLOW_AUTO_OPEN}, |
| 253 {"xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 254 {"xsl", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 255 |
| 231 // Microsoft Visual Test. | 256 // Microsoft Visual Test. |
| 232 {"pcd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 257 {"pcd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 233 | 258 |
| 234 // Program Information File. Originally intended to configure execution | 259 // Program Information File. Originally intended to configure execution |
| 235 // environment for legacy DOS files. They aren't meant to contain executable | 260 // environment for legacy DOS files. They aren't meant to contain executable |
| 236 // code. But Windows may execute a PIF file that is sniffed as a PE file. | 261 // code. But Windows may execute a PIF file that is sniffed as a PE file. |
| 237 {"pif", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 262 {"pif", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 238 | 263 |
| 239 // Developer Studio Build Log. | 264 // Developer Studio Build Log. |
| 240 {"plg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 265 {"plg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| (...skipping 14 matching lines...) Expand all Loading... |
| 255 {"ps2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 280 {"ps2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 256 {"ps2xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 281 {"ps2xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 257 {"psc1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 282 {"psc1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 258 {"psc2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 283 {"psc2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 259 | 284 |
| 260 // Registry file. Opening may cause registry settings to change. Users still | 285 // Registry file. Opening may cause registry settings to change. Users still |
| 261 // need to click through a prompt. So we could consider relaxing the | 286 // need to click through a prompt. So we could consider relaxing the |
| 262 // DISALLOW_AUTO_OPEN restriction. | 287 // DISALLOW_AUTO_OPEN restriction. |
| 263 {"reg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 288 {"reg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 264 | 289 |
| 290 // Registry Script Windows. |
| 291 {"rgs", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 292 |
| 265 // Microsoft Windows Explorer Command. | 293 // Microsoft Windows Explorer Command. |
| 266 // See https://support.microsoft.com/kb/190355 for an example. | 294 // See https://support.microsoft.com/kb/190355 for an example. |
| 267 {"scf", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 295 {"scf", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 268 | 296 |
| 269 // Microsoft Windows Screen Saver. | 297 // Microsoft Windows Screen Saver. |
| 270 {"scr", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 298 {"scr", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 271 | 299 |
| 272 // Microsoft Windows Script Component. Microsoft FoxPro Screen. | 300 // Microsoft Windows Script Component. Microsoft FoxPro Screen. |
| 273 // A Script Component is a COM component created using script. | 301 // A Script Component is a COM component created using script. |
| 274 // See https://msdn.microsoft.com/library/aa233148.aspx for an example. | 302 // See https://msdn.microsoft.com/library/aa233148.aspx for an example. |
| 275 {"sct", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 303 {"sct", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 276 | 304 |
| 277 // Microsoft Windows Shortcut into a document. | 305 // Microsoft Windows Shortcut into a document. |
| 278 // See https://support.microsoft.com/kb/212344 | 306 // See https://support.microsoft.com/kb/212344 |
| 279 {"shb", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 307 {"shb", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 280 | 308 |
| 281 // Shell Scrap Object File. | 309 // Shell Scrap Object File. |
| 282 {"shs", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 310 {"shs", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 283 | 311 |
| 284 // System executable. Windows tries hard to prevent you from opening these | 312 // System executable. Windows tries hard to prevent you from opening these |
| 285 // types of files. | 313 // types of files. |
| 286 {"sys", DANGEROUS, DISALLOW_AUTO_OPEN}, | 314 {"sys", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 287 | 315 |
| 316 // U3 Smart Application. |
| 317 {"u3p", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 318 |
| 288 // Internet Shortcut (new since IE9). Both .url and .website are .ini files | 319 // Internet Shortcut (new since IE9). Both .url and .website are .ini files |
| 289 // that describe a shortcut that points to a URL. They can point at | 320 // that describe a shortcut that points to a URL. They can point at |
| 290 // anything. Dropping a download of this type and opening it automatically | 321 // anything. Dropping a download of this type and opening it automatically |
| 291 // can in effect sidestep origin restrictions etc. | 322 // can in effect sidestep origin restrictions etc. |
| 292 {"url", DANGEROUS, DISALLOW_AUTO_OPEN}, | 323 {"url", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 293 {"website", DANGEROUS, DISALLOW_AUTO_OPEN}, | 324 {"website", DANGEROUS, DISALLOW_AUTO_OPEN}, |
| 294 | 325 |
| 295 // VBScript files. My open with Windows Script Host and execute with user | 326 // VBScript files. My open with Windows Script Host and execute with user |
| 296 // privileges. | 327 // privileges. |
| 297 {"vb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 328 {"vb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 298 {"vbe", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 329 {"vbe", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 299 {"vbs", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 330 {"vbs", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 331 // Some sites claim .vbscript is a valid extension for vbs files. |
| 332 {"vbscript", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 300 | 333 |
| 301 {"vsd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 334 {"vsd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 302 | 335 |
| 303 // Microsoft Visual Studio Binary-based Macro Project. | 336 // Microsoft Visual Studio Binary-based Macro Project. |
| 304 {"vsmacros", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 337 {"vsmacros", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 305 | 338 |
| 306 {"vss", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 339 {"vss", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 307 {"vst", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, | 340 {"vst", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, |
| 308 | 341 |
| 309 // Microsoft Visio Workspace. | 342 // Microsoft Visio Workspace. |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 344 // Shell languages. (OS_ANDROID is OS_POSIX.) OS_WIN shells are handled above. | 377 // Shell languages. (OS_ANDROID is OS_POSIX.) OS_WIN shells are handled above. |
| 345 #if defined(OS_POSIX) | 378 #if defined(OS_POSIX) |
| 346 {"bash", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 379 {"bash", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 347 {"csh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 380 {"csh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 348 {"ksh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 381 {"ksh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 349 {"sh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 382 {"sh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 350 {"shar", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 383 {"shar", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 351 {"tcsh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 384 {"tcsh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 352 #endif | 385 #endif |
| 353 #if defined(OS_MACOSX) | 386 #if defined(OS_MACOSX) |
| 387 // Automator Action. |
| 388 {"action", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 389 |
| 354 {"command", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 390 {"command", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 391 |
| 392 // Automator Workflow. |
| 393 {"workflow", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 355 #endif | 394 #endif |
| 356 | 395 |
| 357 // Package management formats. OS_WIN package formats are handled above. | 396 // Package management formats. OS_WIN package formats are handled above. |
| 358 #if defined(OS_MACOSX) || defined(OS_LINUX) | 397 #if defined(OS_MACOSX) || defined(OS_LINUX) |
| 359 {"pkg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 398 {"pkg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 360 #endif | 399 #endif |
| 361 #if defined(OS_LINUX) | 400 #if defined(OS_LINUX) |
| 362 {"deb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 401 {"deb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 363 {"rpm", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 402 {"rpm", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 403 |
| 404 // "common" executable file extensions for linux. There's not really much |
| 405 // reason to block since they require execute bit to actually run. Included |
| 406 // for histograms and to match kSafeBrowsingFileTypes. |
| 407 {"out", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 408 {"run", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 364 #endif | 409 #endif |
| 365 #if defined(OS_ANDROID) | 410 #if defined(OS_ANDROID) |
| 366 {"dex", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, | 411 {"dex", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN}, |
| 367 #endif | 412 #endif |
| 368 }; | 413 }; |
| 369 | 414 |
| 370 // FileType for files with an empty extension. | 415 // FileType for files with an empty extension. |
| 371 const FileType kEmptyFileType = {nullptr, NOT_DANGEROUS, DISALLOW_AUTO_OPEN}; | 416 const FileType kEmptyFileType = {nullptr, NOT_DANGEROUS, DISALLOW_AUTO_OPEN}; |
| 372 | 417 |
| 373 // Default FileType for non-empty extensions that aren't in the list above. | 418 // Default FileType for non-empty extensions that aren't in the list above. |
| (...skipping 27 matching lines...) Expand all Loading... |
| 401 | 446 |
| 402 DownloadDangerLevel GetFileDangerLevel(const base::FilePath& path) { | 447 DownloadDangerLevel GetFileDangerLevel(const base::FilePath& path) { |
| 403 return GetFileType(path).danger_level; | 448 return GetFileType(path).danger_level; |
| 404 } | 449 } |
| 405 | 450 |
| 406 bool IsAllowedToOpenAutomatically(const base::FilePath& path) { | 451 bool IsAllowedToOpenAutomatically(const base::FilePath& path) { |
| 407 return GetFileType(path).auto_open_hint == ALLOW_AUTO_OPEN; | 452 return GetFileType(path).auto_open_hint == ALLOW_AUTO_OPEN; |
| 408 } | 453 } |
| 409 | 454 |
| 410 } // namespace download_util | 455 } // namespace download_util |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1429523002:
Safebrowsing check file extensions that open in IE. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master