Description

Neutralize dangerous subresource files during Save Page.

Downloading a complete page using "Save as..." can result in downloading
hundreds of subresources. The user often isn't interested in accessing
individual resources directly while they are on disk. In addition,
scanning hundreds of files during a single save page operation isn't
currently practical.

In order to mitigate the potential risk of leaving dangerous files
around on the users' filesystem, this CL renames known dangerous files
with an additional ".download" extension. I.e., a subresource named
foo.exe would be saved as foo.exe.download.

The code review includes lists of file types that are known to be
affected by this change. Notable file types include .js, .swf, and
.class. As a side-effect of the rename, they will not receive the
correct MIME type when loaded via a file:// URL. The saved page should
still function correctly even with the renamed resources.

R=nparker@chromium.org, jam@chromium.org
BUG=599224
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:closure_compilation
Committed: https://crrev.com/953b8f294a892c364de0d9805156422ace1ce49c
Cr-Commit-Position: refs/heads/master@{#401729}

Patch Set 1
Patch Set 2 : Add a DCHECK to verify that sanitization doesn't affect containing directory.
Total comments: 7
Patch Set 3 : Address comments
Patch Set 4 : Rebase over CL to remove test SavePackage constructor which was giving me a hard time.
Patch Set 5 : git squash commit.
Patch Set 6 : Fix windows build
Patch Set 7 : Fix Windows build
Patch Set 8 : Add a note to safe_browsing/README.md about "Save as" downloads
Total comments: 2
Patch Set 9 : Reword note in README.md
Total comments: 4
Patch Set 10 : Address jam's comments
Patch Set 11 : Catch up with ToT

Messages
Total messages: 22 (7 generated)
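
The rename from the description above and the containing-directory check named in Patch Set 2, as an added example (not code from this CL or from Chromium). Assumptions: the four-entry extension list is a constructed sample of the types the description names, all function names are hypothetical, and the trailing dot/space handling and leaf extraction are this example's own choices.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <set>
#include <string>

// Lower-cased final extension, ignoring trailing dots and spaces, which
// Windows drops when it resolves a file name ("foo.exe." opens foo.exe).
std::string EffectiveExtension(std::string name) {
  while (!name.empty() && (name.back() == '.' || name.back() == ' '))
    name.pop_back();
  const std::string::size_type dot = name.rfind('.');
  if (dot == std::string::npos)
    return "";
  std::string ext = name.substr(dot);
  std::transform(ext.begin(), ext.end(), ext.begin(), [](unsigned char c) {
    return static_cast<char>(std::tolower(c));
  });
  return ext;
}

// Appends ".download" when the type is on the (constructed) dangerous list.
std::string NeutralizeSubresourceName(const std::string& name) {
  static const std::set<std::string> kDangerous = {".exe", ".js", ".swf",
                                                   ".class"};
  if (kDangerous.count(EffectiveExtension(name)) == 0)
    return name;
  return name + ".download";
}

// Returns the on-disk path for a subresource, or "" when the name has no
// usable leaf or the sanitized path would leave `dir`.
std::string SavePathFor(const std::string& dir, const std::string& name) {
  const std::string::size_type sep = name.find_last_of("/\\");
  const std::string leaf =
      sep == std::string::npos ? name : name.substr(sep + 1);
  if (leaf.empty() || leaf == "." || leaf == "..")
    return "";
  const std::string path = dir + "/" + NeutralizeSubresourceName(leaf);
  // Invariant: the rename only ever changes the leaf, never the directory.
  const std::string::size_type last = path.find_last_of("/\\");
  return path.substr(0, last) == dir ? path : "";
}

int main() {
  for (const char* n : {"foo.exe", "APP.JS", "movie.swf.", "logo.png"})
    std::cout << n << " -> " << SavePathFor("page_files", n) << "\n";
}
```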