chrome/browser/download/download_extensions.cc - Issue 1577533002: Add download pings for: .rels, .msg, .eml. Add UMA for .rtf.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/download/download_extensions.cc

Issue 1577533002: Add download pings for: .rels, .msg, .eml. Add UMA for .rtf. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/download/download_extensions.cc

diff --git a/chrome/browser/download/download_extensions.cc b/chrome/browser/download/download_extensions.cc

index 21ed194b729cf2ab274bddd49f676e6a03b5814c..12d0e4a5332545b6514f841f1edf5845b3229de5 100644

--- a/chrome/browser/download/download_extensions.cc

+++ b/chrome/browser/download/download_extensions.cc

@@ -71,6 +71,7 @@ const struct FileType {

// Included for parity with kSafeBrowsingFileTypes.

{"bin", NOT_DANGEROUS, ALLOW_AUTO_OPEN},

+ {"rtf", NOT_DANGEROUS, ALLOW_AUTO_OPEN},

// Archive file types. Not inherently dangerous, but could contain dangerous

// files. Included for parity with kSafeBrowsingFileTypes.

@@ -233,6 +234,11 @@ const struct FileType {

// Windows executables.

{"dll", DANGEROUS, DISALLOW_AUTO_OPEN},

{"drv", DANGEROUS, DISALLOW_AUTO_OPEN},

+ // Opens in Outlook. Not common, but could be exploited (CVE-2015-6172)

+ {"eml", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},

+ // Windows executable

{"exe", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

// Font file, uses Portable Executable or New Executable format. Not

@@ -316,6 +322,9 @@ const struct FileType {

// Microsoft Management Console Snap-in. Contains executable code.

{"msc", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

+ // Opens in Outlook. Not common, but could be exploited (CVE-2015-6172)

+ {"msg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},

// Microsoft Shell.

{"msh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

{"msh1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

@@ -342,6 +351,7 @@ const struct FileType {

// browser.

{"partial", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

{"xrm-ms", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

+ {"rels", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

{"svg", NOT_DANGEROUS, ALLOW_AUTO_OPEN},

{"xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

{"xsl", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},

« no previous file with comments | « no previous file | chrome/common/safe_browsing/download_protection_util.cc » ('j') | no next file with comments »