
Unified Diff: chrome/browser/download/download_extensions.cc

Issue 1982723002: Use FileTypePolicies for download danger classifications. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@use_policies
Patch Set: Fix bad rebase Created 4 years, 7 months ago
Index: chrome/browser/download/download_extensions.cc
diff --git a/chrome/browser/download/download_extensions.cc b/chrome/browser/download/download_extensions.cc
deleted file mode 100644
index 34a58ccc8e6fe3491fd6bcb995579d58776a96e9..0000000000000000000000000000000000000000
--- a/chrome/browser/download/download_extensions.cc
+++ /dev/null
@@ -1,582 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include <set>
-#include <string>
-
-#include "chrome/browser/download/download_extensions.h"
-
-#include "base/macros.h"
-#include "base/strings/string_util.h"
-#include "base/strings/utf_string_conversions.h"
-#include "build/build_config.h"
-#include "net/base/mime_util.h"
-
-namespace download_util {
-
-namespace {
-
-enum DownloadAutoOpenHint {
- ALLOW_AUTO_OPEN,
-
- // The file type should not be allowed to open automatically.
- //
- // Criteria for disallowing a file type from opening automatically:
- //
- // Includes file types that upon opening may either:
- // * ... execute arbitrary or harmful code with user privileges.
- // * ... change configuration of the system to cause harmful behavior
- // immediately or at some time in the future.
- //
- // Doesn't include file types that upon opening:
- // * ... sufficiently warn the user about the fact that:
- // - This file was downloaded from the internet.
- // - Opening it can make specified changes to the system.
- // (Note that any such warnings need to be displayed prior to the harmful
- // logic being executed).
- // * ... does nothing particularly dangerous, despite the act of downloading
- // itself being dangerous (E.g. .local and .manifest files).
- DISALLOW_AUTO_OPEN,
-};
-
-// Guidelines for adding a new dangerous file type:
-//
-// * Include a comment above the file type that:
-// - Describes the file type.
-// - Justifies why it is considered dangerous if this isn't obvious from the
-// description.
-// - Justifies why the file type is disallowed from auto opening, if
-// necessary.
-// * Add the file extension to the kDangerousFileTypes array in
-// download_stats.cc.
-//
-// TODO(asanka): All file types listed below should have descriptions.
-const struct FileType {
- const char* extension; // Extension sans leading extension separator.
- DownloadDangerLevel danger_level;
- DownloadAutoOpenHint auto_open_hint;
-} kDownloadFileTypes[] = {
- // Some files are dangerous on all platforms.
-
- // Flash files downloaded locally can sometimes access the local filesystem.
- {"swf", DANGEROUS, DISALLOW_AUTO_OPEN},
- {"spl", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // Chrome extensions should be obtained through the web store. Allowed to
- // open automatically because Chrome displays a prompt prior to
- // installation.
- {"crx", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Included for parity with kSafeBrowsingFileTypes.
- {"bin", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"rtf", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Archive file types. Not inherently dangerous, but could contain dangerous
- // files. Included for parity with kSafeBrowsingFileTypes.
- {"001", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"7z", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"ace", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"arc", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"arj", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"b64", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"balz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"bhx", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"bz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"bz2", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"bzip2", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"cab", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"cpio", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"fat", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"gz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"gzip", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"hfs", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"hqx", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"iso", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lha", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lpaq1", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lpaq5", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lpaq8", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lzh", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"lzma", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"mim", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"ntfs", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"paq8f", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"paq8jd", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"paq8l", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"paq8o", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"pea", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"quad", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r00", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r01", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r02", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r03", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r04", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r05", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r06", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r07", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r08", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r09", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r10", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r11", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r12", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r13", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r14", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r15", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r16", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r17", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r18", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r19", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r20", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r21", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r22", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r23", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r24", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r25", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r26", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r27", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r28", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"r29", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"rar", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"squashfs", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"swm", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tar", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"taz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tbz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tbz2", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tgz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tpz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"txz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"tz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"udf", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"uu", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"uue", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"vhd", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"vhdx", NOT_DANGEROUS, ALLOW_AUTO_OPEN}, // Opens in IE, drops MOTW
- {"vmdk", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"wim", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"wrc", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"xar", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"xxe", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"xz", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"z", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"zip", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"zipx", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"zpaq", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Windows, all file categories. The list is in alphabetical order of
- // extensions. Exceptions are made for logical groupings of file types.
- //
- // Some file descriptions are based on
- // https://support.office.com/article/Blocked-attachments-in-Outlook-3811cddc-17c3-4279-a30c-060ba0207372
-#if defined(OS_WIN)
- {"ad", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Access related.
- {"ade", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Project extension
- {"adp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Project.
- {"mad", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Module Shortcut.
- {"maf", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- {"mag", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Diagram Shortcut.
- {"mam", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Macro Shortcut.
- {"maq", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Query Shortcut.
- {"mar", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Report Shortcut.
- {"mas", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Stored Procedures.
- {"mat", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Table Shortcut.
- {"mav", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // View Shortcut.
- {"maw", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Data Access Page.
- {"mda", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Access Add-in.
- {"mdb", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Database.
- {"mde", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Database.
- {"mdt", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Add-in Data.
- {"mdw", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Workgroup Information.
- {"mdz", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN}, // Wizard Template.
-
- // Executable Application.
- {"app", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft ClickOnce depolyment manifest. By default, opens with
- // dfshim.dll which should prompt the user before running untrusted code.
- {"application", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- // ClickOnce application reference. Basically a .lnk for ClickOnce apps.
- {"appref-ms", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Active Server Pages source file.
- {"asp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Advanced Stream Redirector. Contains a playlist of media files.
- {"asx", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Visual Basic source file. Opens by default in an editor.
- {"bas", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Command script.
- {"bat", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- {"cfg", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Windows Compiled HTML Help files.
- {"chi", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- {"chm", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Command script.
- {"cmd", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Windows legacy executable.
- {"com", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Control panel tool. Executable.
- {"cpl", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Signed certificate file.
- {"crt", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows executables.
- {"dll", DANGEROUS, DISALLOW_AUTO_OPEN},
- {"drv", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // Opens in Outlook. Not common, but could be exploited (CVE-2015-6172)
- {"eml", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows executable
- {"exe", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Font file, uses Portable Executable or New Executable format. Not
- // supposed to contain executable code.
- {"fon", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Microsoft FoxPro Compiled Source.
- {"fxp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows Sidebar Gadget (Vista & Win 7). ZIP archive containing html + js.
- // Deprecated by Microsoft. Can run arbitrary code with user privileges.
- // (https://technet.microsoft.com/library/security/2719662)
- {"gadget", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // MSProgramGroup (?).
- {"grp", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Windows legacy help file format.
- {"hlp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // HTML Application. Executes as a fully trusted application.
- {"hta", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Hypertext Template File. See https://support.microsoft.com/kb/181689.
- {"htt", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Device installation information.
- {"inf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Generic configuration file.
- {"ini", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Microsoft IIS Internet Communication Settings.
- {"ins", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // InstallShield Compiled Script.
- {"inx", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // InstallShield Uninstaller Script.
- {"isu", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Microsoft IIS Internet Service Provider Settings.
- {"isp", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows Task Scheduler Job file. No handler is registered by default, so
- // this is probably normally not dangerous unless saved into the task
- // scheduler directory.
- {"job", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // JavaScript file. May open using Windows Script Host with user level
- // privileges.
- {"js", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // JScript encoded script file. Usually produced by running Microsoft Script
- // Encoder over a .js file.
- // See https://msdn.microsoft.com/library/d14c8zsc.aspx
- {"jse", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Shortcuts. May open anything.
- {"lnk", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // .local files affect DLL search path for .exe file with same base name.
- {"local", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // While being a generic name, having a .manifest file with the same
- // basename as .exe file (foo.exe + foo.exe.manifest) changes the dll search
- // order for the .exe file. Downloading this kind of file to the users'
- // download directory is almost always the wrong thing to do.
- {"manifest", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Media Attachment Unit.
- {"mau", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Multipart HTML.
- {"mht", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- {"mhtml", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- {"mmc", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- {"mof", DANGEROUS, ALLOW_AUTO_OPEN},
-
- // Microsoft Management Console Snap-in. Contains executable code.
- {"msc", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Opens in Outlook. Not common, but could be exploited (CVE-2015-6172)
- {"msg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Shell.
- {"msh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"msh1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"msh2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"mshxml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"msh1xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"msh2xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Windows Installer.
- {"msi", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"msp", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"mst", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // ActiveX Control.
- {"ocx", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // Microsoft Office Profile Settings File.
- {"ops", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Portable Application Installer File.
- {"paf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Extensions that will open in IE even when chrome is set as default
- // browser.
- {"partial", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"xrm-ms", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"rels", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"svg", NOT_DANGEROUS, ALLOW_AUTO_OPEN},
- {"xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"xsl", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Microsoft Visual Test.
- {"pcd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Program Information File. Originally intended to configure execution
- // environment for legacy DOS files. They aren't meant to contain executable
- // code. But Windows may execute a PIF file that is sniffed as a PE file.
- {"pif", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Developer Studio Build Log.
- {"plg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows System File.
- {"prf", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Program File.
- {"prg", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Exchange Address Book File. Microsoft Outlook Personal Folder
- // File.
- {"pst", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Windows PowerShell.
- {"ps1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"ps1xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"ps2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"ps2xml", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"psc1", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"psc2", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Registry file. Opening may cause registry settings to change. Users still
- // need to click through a prompt. So we could consider relaxing the
- // DISALLOW_AUTO_OPEN restriction.
- {"reg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Registry Script Windows.
- {"rgs", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Microsoft Windows Explorer Command.
- // See https://support.microsoft.com/kb/190355 for an example.
- {"scf", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Windows Screen Saver.
- {"scr", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Microsoft Windows Script Component. Microsoft FoxPro Screen.
- // A Script Component is a COM component created using script.
- // See https://msdn.microsoft.com/library/aa233148.aspx for an example.
- {"sct", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Windows Shortcut into a document.
- // See https://support.microsoft.com/kb/212344
- {"shb", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Shell Scrap Object File.
- {"shs", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // System executable. Windows tries hard to prevent you from opening these
- // types of files.
- {"sys", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // U3 Smart Application.
- {"u3p", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Internet Shortcut (new since IE9). Both .url and .website are .ini files
- // that describe a shortcut that points to a URL. They can point at
- // anything. Dropping a download of this type and opening it automatically
- // can in effect sidestep origin restrictions etc.
- {"url", DANGEROUS, DISALLOW_AUTO_OPEN},
- {"website", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // VBScript files. My open with Windows Script Host and execute with user
- // privileges.
- {"vb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"vbe", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"vbs", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- // Some sites claim .vbscript is a valid extension for vbs files.
- {"vbscript", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- {"vsd", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Visual Studio Binary-based Macro Project.
- {"vsmacros", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- {"vss", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
- {"vst", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Microsoft Visio Workspace.
- {"vsw", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows Script Host related.
- {"ws", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"wsc", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"wsf", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"wsh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // XAML Browser Application.
- {"xbap", DANGEROUS, DISALLOW_AUTO_OPEN},
-
- // Microsoft Exchange Public Folder Shortcut.
- {"xnk", ALLOW_ON_USER_GESTURE, ALLOW_AUTO_OPEN},
-
- // Windows Vista Index Search Data, for local file system.
- // Used to find files landed surreptitiously w/o UI.
- {"search-ms", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif // OS_WIN
-
- // Java.
-#if !defined(OS_CHROMEOS)
- {"class", DANGEROUS, DISALLOW_AUTO_OPEN},
- {"jar", DANGEROUS, DISALLOW_AUTO_OPEN},
- {"jnlp", DANGEROUS, DISALLOW_AUTO_OPEN},
-#endif
-
-#if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
- // Scripting languages. (Shells are handled below.)
- {"pl", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"py", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"pyc", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"pyw", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"rb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Extensible Firmware Interface executable.
- {"efi", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-
- // Shell languages. (OS_ANDROID is OS_POSIX.) OS_WIN shells are handled above.
-#if defined(OS_POSIX)
- {"bash", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"csh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"ksh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"sh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"shar", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"tcsh", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-#if defined(OS_MACOSX)
- // Automator Action.
- {"action", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- {"command", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Automator Workflow.
- {"workflow", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // Executable file extensions for Mac.
- {"cdr", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"dart", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"dc42", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"diskcopy42", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"dmg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"dmgpart", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"dvdr", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"img", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"imgpart", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"ndif", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"smi", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"sparsebundle", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"sparseimage", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"toast", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"udif", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-
- // Package management formats. OS_WIN package formats are handled above.
-#if defined(OS_MACOSX) || defined(OS_LINUX)
- {"pkg", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-#if defined(OS_LINUX)
- {"deb", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"pet", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"pup", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"rpm", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"slp", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-
- // "common" executable file extensions for linux. There's not really much
- // reason to block since they require execute bit to actually run. Included
- // for histograms and to match kSafeBrowsingFileTypes.
- {"out", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
- {"run", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-#if defined(OS_ANDROID)
- {"dex", ALLOW_ON_USER_GESTURE, DISALLOW_AUTO_OPEN},
-#endif
-};
-
-// FileType for files with an empty extension.
-const FileType kEmptyFileType = {nullptr, NOT_DANGEROUS, DISALLOW_AUTO_OPEN};
-
-// Default FileType for non-empty extensions that aren't in the list above.
-const FileType kUnknownFileType = {nullptr, NOT_DANGEROUS, ALLOW_AUTO_OPEN};
-
-const FileType& GetFileType(const base::FilePath& path) {
- base::FilePath::StringType extension(path.FinalExtension());
- if (extension.empty())
- return kEmptyFileType;
- if (!base::IsStringASCII(extension))
- return kUnknownFileType;
-#if defined(OS_WIN)
- std::string ascii_extension = base::UTF16ToASCII(extension);
-#elif defined(OS_POSIX)
- std::string ascii_extension = extension;
-#endif
-
- // Strip out leading dot if it's still there
- if (ascii_extension[0] == base::FilePath::kExtensionSeparator)
- ascii_extension.erase(0, 1);
-
- for (const auto& file_type : kDownloadFileTypes) {
- if (base::LowerCaseEqualsASCII(ascii_extension, file_type.extension))
- return file_type;
- }
-
- return kUnknownFileType;
-}
-
-} // namespace
-
-DownloadDangerLevel GetFileDangerLevel(const base::FilePath& path) {
- return GetFileType(path).danger_level;
-}
-
-bool IsAllowedToOpenAutomatically(const base::FilePath& path) {
- return GetFileType(path).auto_open_hint == ALLOW_AUTO_OPEN;
-}
-
-} // namespace download_util
