[Downloads] Always call DM::StartDownload() for explicit downloads.

chrome/browser/download/download_target_determiner.cc

Index: chrome/browser/download/download_target_determiner.cc
diff --git a/chrome/browser/download/download_target_determiner.cc b/chrome/browser/download/download_target_determiner.cc
index 26f3d8811a12687d7b4027086ef60926de81bcfc..db9d81fcda115abf6802d24642d1dbe59bacfb53 100644
--- a/chrome/browser/download/download_target_determiner.cc
+++ b/chrome/browser/download/download_target_determiner.cc
@@ -240,15 +240,6 @@ DownloadTargetDeterminer::Result
   DCHECK(virtual_path_.IsAbsolute());
   DVLOG(20) << "Generated virtual path: " << virtual_path_.AsUTF8Unsafe();
 
-  // If the download is DOA, don't bother going any further. This would be the
-  // case for a download that failed to initialize (e.g. the initial temporary
-  // file couldn't be created because both the downloads directory and the
-  // temporary directory are unwriteable).
-  //
-  // A virtual path is determined for DOA downloads for display purposes. This
-  // is why this check is performed here instead of at the start.
-  if (download_->GetState() != DownloadItem::IN_PROGRESS)
-    return COMPLETE;
   return CONTINUE;
 }
 
@@ -259,7 +250,8 @@ DownloadTargetDeterminer::Result
 
   next_state_ = STATE_RESERVE_VIRTUAL_PATH;
 
-  if (!should_notify_extensions_)
+  if (!should_notify_extensions_ ||
+      download_->GetState() != DownloadItem::IN_PROGRESS)
     return CONTINUE;
 
   delegate_->NotifyExtensions(download_, virtual_path_,
@@ -307,6 +299,8 @@ DownloadTargetDeterminer::Result
   DCHECK(!virtual_path_.empty());
 
   next_state_ = STATE_PROMPT_USER_FOR_DOWNLOAD_PATH;
+  if (download_->GetState() != DownloadItem::IN_PROGRESS)
+    return CONTINUE;
 
   delegate_->ReserveVirtualPath(
       download_, virtual_path_, create_target_directory_, conflict_action_,
@@ -334,7 +328,9 @@ DownloadTargetDeterminer::Result
 
   next_state_ = STATE_DETERMINE_LOCAL_PATH;
 
-  if (should_prompt_) {
+  // Avoid prompting for a download if it isn't in-progress. The user will be
+  // prompted once the download is resumed and headers are available.
+  if (should_prompt_ && download_->GetState() == DownloadItem::IN_PROGRESS) {
     delegate_->PromptUserForDownloadPath(
         download_,
         virtual_path_,
@@ -572,6 +568,17 @@ DownloadTargetDeterminer::Result
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   DCHECK(!virtual_path_.empty());
   next_state_ = STATE_CHECK_VISITED_REFERRER_BEFORE;
+
+  // Downloads that are already interrupted aren't checked for malicious URLs.
+  // Such downloads were unsuccessful at initiation and there should be no data
+  // saved at this point for the user to discard. If the download is
+  // subsequently resumed, DownloadTargetDeterminer would be invoked again and
+  // the URL check would be performed if the resumption was successful.
+  if (download_->GetState() != DownloadItem::IN_PROGRESS) {
+    DCHECK(download_->GetFullPath().empty());
+    return CONTINUE;
+  }
+
   delegate_->CheckDownloadUrl(
       download_,
       virtual_path_,
@@ -595,6 +602,15 @@ DownloadTargetDeterminer::Result
 
   next_state_ = STATE_DETERMINE_INTERMEDIATE_PATH;
 
+  // If the download is already interrupted, there should be no download file
+  // on-disk. So skip the danger type determination since there's no file for
+  // the user to discard. Also the absence of a on-disk file prevents a filename
+  // based attack (e.g. creating a foo.exe.local file). If the download is
+  // successfully resumed, then DownloadTargetDeterminer would be invoked again
+  // at which point the danger level would be determined again.
+  if (download_->GetState() != DownloadItem::IN_PROGRESS)
+    return CONTINUE;
+
   // Checking if there are prior visits to the referrer is only necessary if the
   // danger level of the download depends on the file type.
   if (danger_type_ != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS &&