| Index: webkit/browser/fileapi/sandbox_context.cc
|
| diff --git a/webkit/browser/fileapi/sandbox_context.cc b/webkit/browser/fileapi/sandbox_context.cc
|
| index beba7acef87c183dc3385d68a297e5b1f390d9c1..006c86742d27968a5c8fe5c4bec8490b427aee28 100644
|
| --- a/webkit/browser/fileapi/sandbox_context.cc
|
| +++ b/webkit/browser/fileapi/sandbox_context.cc
|
| @@ -4,15 +4,58 @@
|
|
|
| #include "webkit/browser/fileapi/sandbox_context.h"
|
|
|
| +#include "base/command_line.h"
|
| +#include "base/file_util.h"
|
| +#include "base/stl_util.h"
|
| #include "base/task_runner_util.h"
|
| +#include "net/base/net_util.h"
|
| #include "webkit/browser/fileapi/async_file_util_adapter.h"
|
| +#include "webkit/browser/fileapi/file_system_context.h"
|
| +#include "webkit/browser/fileapi/file_system_operation_context.h"
|
| +#include "webkit/browser/fileapi/file_system_url.h"
|
| #include "webkit/browser/fileapi/file_system_usage_cache.h"
|
| #include "webkit/browser/fileapi/obfuscated_file_util.h"
|
| #include "webkit/browser/fileapi/sandbox_quota_observer.h"
|
| #include "webkit/browser/quota/quota_manager.h"
|
| +#include "webkit/common/fileapi/file_system_util.h"
|
|
|
| namespace fileapi {
|
|
|
| +namespace {
|
| +
|
| +// Restricted names.
|
| +// http://dev.w3.org/2009/dap/file-system/file-dir-sys.html#naming-restrictions
|
| +const base::FilePath::CharType* const kRestrictedNames[] = {
|
| + FILE_PATH_LITERAL("."), FILE_PATH_LITERAL(".."),
|
| +};
|
| +
|
| +// Restricted chars.
|
| +const base::FilePath::CharType kRestrictedChars[] = {
|
| + FILE_PATH_LITERAL('/'), FILE_PATH_LITERAL('\\'),
|
| +};
|
| +
|
| +class ObfuscatedOriginEnumerator
|
| + : public SandboxContext::OriginEnumerator {
|
| + public:
|
| + explicit ObfuscatedOriginEnumerator(ObfuscatedFileUtil* file_util) {
|
| + enum_.reset(file_util->CreateOriginEnumerator());
|
| + }
|
| + virtual ~ObfuscatedOriginEnumerator() {}
|
| +
|
| + virtual GURL Next() OVERRIDE {
|
| + return enum_->Next();
|
| + }
|
| +
|
| + virtual bool HasFileSystemType(fileapi::FileSystemType type) const OVERRIDE {
|
| + return enum_->HasFileSystemType(type);
|
| + }
|
| +
|
| + private:
|
| + scoped_ptr<ObfuscatedFileUtil::AbstractOriginEnumerator> enum_;
|
| +};
|
| +
|
| +} // namespace
|
| +
|
| const base::FilePath::CharType
|
| SandboxContext::kFileSystemDirectory[] = FILE_PATH_LITERAL("File System");
|
|
|
| @@ -20,7 +63,8 @@ SandboxContext::SandboxContext(
|
| quota::QuotaManagerProxy* quota_manager_proxy,
|
| base::SequencedTaskRunner* file_task_runner,
|
| const base::FilePath& profile_path,
|
| - quota::SpecialStoragePolicy* special_storage_policy)
|
| + quota::SpecialStoragePolicy* special_storage_policy,
|
| + const FileSystemOptions& file_system_options)
|
| : file_task_runner_(file_task_runner),
|
| sandbox_file_util_(new AsyncFileUtilAdapter(
|
| new ObfuscatedFileUtil(
|
| @@ -33,7 +77,8 @@ SandboxContext::SandboxContext(
|
| file_task_runner,
|
| sync_file_util(),
|
| usage_cache())),
|
| - special_storage_policy_(special_storage_policy) {
|
| + special_storage_policy_(special_storage_policy),
|
| + file_system_options_(file_system_options) {
|
| }
|
|
|
| SandboxContext::~SandboxContext() {
|
| @@ -51,6 +96,219 @@ SandboxContext::~SandboxContext() {
|
| }
|
| }
|
|
|
| +bool SandboxContext::IsAccessValid(const FileSystemURL& url) const {
|
| + if (!IsAllowedScheme(url.origin()))
|
| + return false;
|
| +
|
| + if (url.path().ReferencesParent())
|
| + return false;
|
| +
|
| + // Return earlier if the path is '/', because VirtualPath::BaseName()
|
| + // returns '/' for '/' and we fail the "basename != '/'" check below.
|
| + // (We exclude '.' because it's disallowed by spec.)
|
| + if (VirtualPath::IsRootPath(url.path()) &&
|
| + url.path() != base::FilePath(base::FilePath::kCurrentDirectory))
|
| + return true;
|
| +
|
| + // Restricted names specified in
|
| + // http://dev.w3.org/2009/dap/file-system/file-dir-sys.html#naming-restrictions
|
| + base::FilePath filename = VirtualPath::BaseName(url.path());
|
| + // See if the name is allowed to create.
|
| + for (size_t i = 0; i < arraysize(kRestrictedNames); ++i) {
|
| + if (filename.value() == kRestrictedNames[i])
|
| + return false;
|
| + }
|
| + for (size_t i = 0; i < arraysize(kRestrictedChars); ++i) {
|
| + if (filename.value().find(kRestrictedChars[i]) !=
|
| + base::FilePath::StringType::npos)
|
| + return false;
|
| + }
|
| +
|
| + return true;
|
| +}
|
| +
|
| +bool SandboxContext::IsAllowedScheme(const GURL& url) const {
|
| + // Basically we only accept http or https. We allow file:// URLs
|
| + // only if --allow-file-access-from-files flag is given.
|
| + if (url.SchemeIs("http") || url.SchemeIs("https"))
|
| + return true;
|
| + if (url.SchemeIsFileSystem())
|
| + return url.inner_url() && IsAllowedScheme(*url.inner_url());
|
| +
|
| + for (size_t i = 0;
|
| + i < file_system_options_.additional_allowed_schemes().size();
|
| + ++i) {
|
| + if (url.SchemeIs(
|
| + file_system_options_.additional_allowed_schemes()[i].c_str()))
|
| + return true;
|
| + }
|
| + return false;
|
| +}
|
| +
|
| +SandboxContext::OriginEnumerator* SandboxContext::CreateOriginEnumerator() {
|
| + return new ObfuscatedOriginEnumerator(sync_file_util());
|
| +}
|
| +
|
| +base::FilePath SandboxContext::GetBaseDirectoryForOriginAndType(
|
| + const GURL& origin_url, fileapi::FileSystemType type, bool create) {
|
| + base::PlatformFileError error = base::PLATFORM_FILE_OK;
|
| + base::FilePath path = sync_file_util()->GetDirectoryForOriginAndType(
|
| + origin_url, type, create, &error);
|
| + if (error != base::PLATFORM_FILE_OK)
|
| + return base::FilePath();
|
| + return path;
|
| +}
|
| +
|
| +base::PlatformFileError SandboxContext::DeleteOriginDataOnFileThread(
|
| + FileSystemContext* file_system_context,
|
| + quota::QuotaManagerProxy* proxy,
|
| + const GURL& origin_url,
|
| + fileapi::FileSystemType type) {
|
| + int64 usage = GetOriginUsageOnFileThread(
|
| + file_system_context, origin_url, type);
|
| + usage_cache()->CloseCacheFiles();
|
| + bool result = sync_file_util()->DeleteDirectoryForOriginAndType(
|
| + origin_url, type);
|
| + if (result && proxy) {
|
| + proxy->NotifyStorageModified(
|
| + quota::QuotaClient::kFileSystem,
|
| + origin_url,
|
| + FileSystemTypeToQuotaStorageType(type),
|
| + -usage);
|
| + }
|
| +
|
| + if (result)
|
| + return base::PLATFORM_FILE_OK;
|
| + return base::PLATFORM_FILE_ERROR_FAILED;
|
| +}
|
| +
|
| +void SandboxContext::GetOriginsForTypeOnFileThread(
|
| + fileapi::FileSystemType type, std::set<GURL>* origins) {
|
| + DCHECK(origins);
|
| + scoped_ptr<OriginEnumerator> enumerator(CreateOriginEnumerator());
|
| + GURL origin;
|
| + while (!(origin = enumerator->Next()).is_empty()) {
|
| + if (enumerator->HasFileSystemType(type))
|
| + origins->insert(origin);
|
| + }
|
| +}
|
| +
|
| +void SandboxContext::GetOriginsForHostOnFileThread(
|
| + fileapi::FileSystemType type, const std::string& host,
|
| + std::set<GURL>* origins) {
|
| + DCHECK(origins);
|
| + scoped_ptr<OriginEnumerator> enumerator(CreateOriginEnumerator());
|
| + GURL origin;
|
| + while (!(origin = enumerator->Next()).is_empty()) {
|
| + if (host == net::GetHostOrSpecFromURL(origin) &&
|
| + enumerator->HasFileSystemType(type))
|
| + origins->insert(origin);
|
| + }
|
| +}
|
| +
|
| +int64 SandboxContext::GetOriginUsageOnFileThread(
|
| + FileSystemContext* file_system_context,
|
| + const GURL& origin_url,
|
| + fileapi::FileSystemType type) {
|
| + // Don't use usage cache and return recalculated usage for sticky invalidated
|
| + // origins.
|
| + if (ContainsKey(sticky_dirty_origins_, std::make_pair(origin_url, type)))
|
| + return RecalculateUsage(file_system_context, origin_url, type);
|
| +
|
| + base::FilePath base_path =
|
| + GetBaseDirectoryForOriginAndType(origin_url, type, false);
|
| + if (base_path.empty() || !base::DirectoryExists(base_path))
|
| + return 0;
|
| + base::FilePath usage_file_path =
|
| + base_path.Append(FileSystemUsageCache::kUsageFileName);
|
| +
|
| + bool is_valid = usage_cache()->IsValid(usage_file_path);
|
| + uint32 dirty_status = 0;
|
| + bool dirty_status_available =
|
| + usage_cache()->GetDirty(usage_file_path, &dirty_status);
|
| + bool visited = !visited_origins_.insert(origin_url).second;
|
| + if (is_valid && (dirty_status == 0 || (dirty_status_available && visited))) {
|
| + // The usage cache is clean (dirty == 0) or the origin is already
|
| + // initialized and running. Read the cache file to get the usage.
|
| + int64 usage = 0;
|
| + return usage_cache()->GetUsage(usage_file_path, &usage) ? usage : -1;
|
| + }
|
| + // The usage cache has not been initialized or the cache is dirty.
|
| + // Get the directory size now and update the cache.
|
| + usage_cache()->Delete(usage_file_path);
|
| +
|
| + int64 usage = RecalculateUsage(file_system_context, origin_url, type);
|
| +
|
| + // This clears the dirty flag too.
|
| + usage_cache()->UpdateUsage(usage_file_path, usage);
|
| + return usage;
|
| +}
|
| +
|
| +void SandboxContext::InvalidateUsageCache(
|
| + const GURL& origin,
|
| + fileapi::FileSystemType type) {
|
| + base::PlatformFileError error = base::PLATFORM_FILE_OK;
|
| + base::FilePath usage_file_path = GetUsageCachePathForOriginAndType(
|
| + sync_file_util(), origin, type, &error);
|
| + if (error != base::PLATFORM_FILE_OK)
|
| + return;
|
| + usage_cache()->IncrementDirty(usage_file_path);
|
| +}
|
| +
|
| +void SandboxContext::StickyInvalidateUsageCache(
|
| + const GURL& origin,
|
| + fileapi::FileSystemType type) {
|
| + sticky_dirty_origins_.insert(std::make_pair(origin, type));
|
| + quota_observer()->SetUsageCacheEnabled(origin, type, false);
|
| + InvalidateUsageCache(origin, type);
|
| +}
|
| +
|
| +base::FilePath SandboxContext::GetUsageCachePathForOriginAndType(
|
| + const GURL& origin_url,
|
| + FileSystemType type) {
|
| + base::PlatformFileError error;
|
| + base::FilePath path = GetUsageCachePathForOriginAndType(
|
| + sync_file_util(), origin_url, type, &error);
|
| + if (error != base::PLATFORM_FILE_OK)
|
| + return base::FilePath();
|
| + return path;
|
| +}
|
| +
|
| +// static
|
| +base::FilePath SandboxContext::GetUsageCachePathForOriginAndType(
|
| + ObfuscatedFileUtil* sandbox_file_util,
|
| + const GURL& origin_url,
|
| + fileapi::FileSystemType type,
|
| + base::PlatformFileError* error_out) {
|
| + DCHECK(error_out);
|
| + *error_out = base::PLATFORM_FILE_OK;
|
| + base::FilePath base_path = sandbox_file_util->GetDirectoryForOriginAndType(
|
| + origin_url, type, false /* create */, error_out);
|
| + if (*error_out != base::PLATFORM_FILE_OK)
|
| + return base::FilePath();
|
| + return base_path.Append(FileSystemUsageCache::kUsageFileName);
|
| +}
|
| +
|
| +int64 SandboxContext::RecalculateUsage(FileSystemContext* context,
|
| + const GURL& origin,
|
| + FileSystemType type) {
|
| + FileSystemOperationContext operation_context(context);
|
| + FileSystemURL url = context->CreateCrackedFileSystemURL(
|
| + origin, type, base::FilePath());
|
| + scoped_ptr<FileSystemFileUtil::AbstractFileEnumerator> enumerator(
|
| + sync_file_util()->CreateFileEnumerator(&operation_context, url, true));
|
| +
|
| + base::FilePath file_path_each;
|
| + int64 usage = 0;
|
| +
|
| + while (!(file_path_each = enumerator->Next()).empty()) {
|
| + usage += enumerator->Size();
|
| + usage += ObfuscatedFileUtil::ComputeFilePathCost(file_path_each);
|
| + }
|
| +
|
| + return usage;
|
| +}
|
| +
|
| ObfuscatedFileUtil* SandboxContext::sync_file_util() {
|
| return static_cast<ObfuscatedFileUtil*>(file_util()->sync_file_util());
|
| }
|
|
|
Chromium Code Reviews
Issue 21116008:
FileAPI: Move FileSystemQuotaUtil related functions into SandboxContext (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src