Fix an issue that download filename from content disposition is not sanitized

content/browser/android/download_controller_android_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/android/download_controller_android_impl.h"
 
 #include <utility>
 
 #include "base/android/context_utils.h"
 #include "base/android/jni_android.h"
@@ skipping 14 matching lines @@
 #include "content/browser/renderer_host/render_view_host_impl.h"
 #include "content/browser/web_contents/web_contents_impl.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/download_url_parameters.h"
 #include "content/public/browser/global_request_id.h"
 #include "content/public/browser/resource_request_info.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/referrer.h"
 #include "jni/DownloadController_jni.h"
+#include "net/base/filename_util.h"
 #include "net/cookies/cookie_options.h"
 #include "net/cookies/cookie_store.h"
 #include "net/http/http_content_disposition.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_response_headers.h"
 #include "net/url_request/url_request.h"
 #include "net/url_request/url_request_context.h"
 
 using base::android::ConvertUTF8ToJavaString;
 using base::android::ScopedJavaLocalRef;
@@ skipping 338 matching lines @@
       ConvertUTF8ToJavaString(env, info.content_disposition);
   ScopedJavaLocalRef<jstring> jmime_type =
       ConvertUTF8ToJavaString(env, info.original_mime_type);
   ScopedJavaLocalRef<jstring> jcookie =
       ConvertUTF8ToJavaString(env, info.cookie);
   ScopedJavaLocalRef<jstring> jreferer =
       ConvertUTF8ToJavaString(env, info.referer);
 
   // Try parsing the content disposition header to get a
   // explicitly specified filename if available.
   net::HttpContentDisposition header(info.content_disposition, "");

[asanka, 2016/02/22 22:56:08]

header is unused.

[qinmin, 2016/02/22 23:03:36]

Done.

   ScopedJavaLocalRef<jstring> jfilename =
-      ConvertUTF8ToJavaString(env, header.filename());
+      base::android::ConvertUTF16ToJavaString(
+          env,
+          net::GetSuggestedFilename(info.url,
+                                    info.content_disposition,
+                                    std::string(),  // referrer_charset
+                                    std::string(),  // suggested_name
+                                    info.original_mime_type,
+                                    std::string()));  // default name

[asanka, 2016/02/22 22:56:08]

Provide a default name in case one cannot be generated based on the URL and
Content-Disposition.

[qinmin, 2016/02/22 23:03:36]

net::GetSuggestedFilename() will fallback to "download" as filename, so i think
this is not needed.

[asanka, 2016/02/23 00:05:56]

That's not a localized string. See IDS_DEFAULT_DOWNLOAD_FILENAME for the correct
fallback filename.

[qinmin, 2016/02/23 07:23:10]

Done. IDS_DEFAULT_DOWNLOAD_FILENAME is defined in chrome/, use
DownloadManagerService to pass the localized string to this class

 
   Java_DownloadController_newHttpGetDownload(
       env, GetJavaObject()->Controller(env).obj(), view.obj(), jurl.obj(),
       juser_agent.obj(), jcontent_disposition.obj(), jmime_type.obj(),
       jcookie.obj(), jreferer.obj(), info.has_user_gesture, jfilename.obj(),
       info.total_bytes);
 }
 
 void DownloadControllerAndroidImpl::OnDownloadStarted(
     DownloadItem* download_item) {
@@ skipping 166 matching lines @@
   }
 
   const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);
   if (info)
     has_user_gesture = info->HasUserGesture();
 }
 
 DownloadControllerAndroidImpl::DownloadInfoAndroid::~DownloadInfoAndroid() {}
 
 }  // namespace content