Chromium Code Reviews Chromium Code Reviews
Issue 2674973003:
Adding a DownloadRestrictions group policy. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" | 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 42 #include "chrome/browser/ui/scoped_tabbed_browser_displayer.h" | 42 #include "chrome/browser/ui/scoped_tabbed_browser_displayer.h" |
| 43 #include "chrome/common/chrome_constants.h" | 43 #include "chrome/common/chrome_constants.h" |
| 44 #include "chrome/common/features.h" | 44 #include "chrome/common/features.h" |
| 45 #include "chrome/common/pdf_uma.h" | 45 #include "chrome/common/pdf_uma.h" |
| 46 #include "chrome/common/pref_names.h" | 46 #include "chrome/common/pref_names.h" |
| 47 #include "chrome/common/safe_browsing/file_type_policies.h" | 47 #include "chrome/common/safe_browsing/file_type_policies.h" |
| 48 #include "chrome/grit/generated_resources.h" | 48 #include "chrome/grit/generated_resources.h" |
| 49 #include "components/pref_registry/pref_registry_syncable.h" | 49 #include "components/pref_registry/pref_registry_syncable.h" |
| 50 #include "components/prefs/pref_member.h" | 50 #include "components/prefs/pref_member.h" |
| 51 #include "components/prefs/pref_service.h" | 51 #include "components/prefs/pref_service.h" |
| 52 #include "content/public/browser/download_interrupt_reasons.h" | |
| 52 #include "content/public/browser/download_item.h" | 53 #include "content/public/browser/download_item.h" |
| 53 #include "content/public/browser/download_manager.h" | 54 #include "content/public/browser/download_manager.h" |
| 54 #include "content/public/browser/notification_source.h" | 55 #include "content/public/browser/notification_source.h" |
| 55 #include "content/public/browser/page_navigator.h" | 56 #include "content/public/browser/page_navigator.h" |
| 56 #include "extensions/features/features.h" | 57 #include "extensions/features/features.h" |
| 57 #include "net/base/filename_util.h" | 58 #include "net/base/filename_util.h" |
| 58 #include "net/base/mime_util.h" | 59 #include "net/base/mime_util.h" |
| 59 #include "ppapi/features/features.h" | 60 #include "ppapi/features/features.h" |
| 60 #include "ui/base/l10n/l10n_util.h" | 61 #include "ui/base/l10n/l10n_util.h" |
| 61 | 62 |
| (...skipping 299 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 361 // In case the service was disabled between the download starting and now, | 362 // In case the service was disabled between the download starting and now, |
| 362 // we need to restore the danger state. | 363 // we need to restore the danger state. |
| 363 content::DownloadDangerType danger_type = item->GetDangerType(); | 364 content::DownloadDangerType danger_type = item->GetDangerType(); |
| 364 if (DownloadItemModel(item).GetDangerLevel() != | 365 if (DownloadItemModel(item).GetDangerLevel() != |
| 365 DownloadFileType::NOT_DANGEROUS && | 366 DownloadFileType::NOT_DANGEROUS && |
| 366 (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS || | 367 (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS || |
| 367 danger_type == | 368 danger_type == |
| 368 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT)) { | 369 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT)) { |
| 369 DVLOG(2) << __func__ | 370 DVLOG(2) << __func__ |
| 370 << "() SB service disabled. Marking download as DANGEROUS FILE"; | 371 << "() SB service disabled. Marking download as DANGEROUS FILE"; |
| 371 item->OnContentCheckCompleted( | 372 if (ShouldBlockFile(content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE)) { |
| 372 content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE); | 373 item->OnContentCheckCompleted( |
| 374 // Specifying a dangerous type here would take precendence over the | |
| 375 // blocking of the file. | |
| 376 content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, | |
| 377 content::DOWNLOAD_INTERRUPT_REASON_FILE_BLOCKED); | |
| 378 } else { | |
| 379 item->OnContentCheckCompleted( | |
| 380 content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE, | |
| 381 content::DOWNLOAD_INTERRUPT_REASON_NONE); | |
| 382 } | |
| 373 UMA_HISTOGRAM_ENUMERATION("Download.DangerousFile.Reason", | 383 UMA_HISTOGRAM_ENUMERATION("Download.DangerousFile.Reason", |
| 374 SB_NOT_AVAILABLE, DANGEROUS_FILE_REASON_MAX); | 384 SB_NOT_AVAILABLE, DANGEROUS_FILE_REASON_MAX); |
| 375 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, | 385 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, |
| 376 internal_complete_callback); | 386 internal_complete_callback); |
| 377 return false; | 387 return false; |
| 378 } | 388 } |
| 379 } else if (!state->is_complete()) { | 389 } else if (!state->is_complete()) { |
| 380 // Don't complete the download until we have an answer. | 390 // Don't complete the download until we have an answer. |
| 381 state->set_callback(internal_complete_callback); | 391 state->set_callback(internal_complete_callback); |
| 382 return false; | 392 return false; |
| (...skipping 333 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 716 | 726 |
| 717 #if defined(FULL_SAFE_BROWSING) | 727 #if defined(FULL_SAFE_BROWSING) |
| 718 safe_browsing::DownloadProtectionService* service = | 728 safe_browsing::DownloadProtectionService* service = |
| 719 GetDownloadProtectionService(); | 729 GetDownloadProtectionService(); |
| 720 if (service) { | 730 if (service) { |
| 721 bool is_content_check_supported = | 731 bool is_content_check_supported = |
| 722 service->IsSupportedDownload(*download, suggested_path); | 732 service->IsSupportedDownload(*download, suggested_path); |
| 723 DVLOG(2) << __func__ << "() Start SB URL check for download = " | 733 DVLOG(2) << __func__ << "() Start SB URL check for download = " |
| 724 << download->DebugString(false); | 734 << download->DebugString(false); |
| 725 service->CheckDownloadUrl(download, | 735 service->CheckDownloadUrl(download, |
| 726 base::Bind(&CheckDownloadUrlDone, | 736 base::Bind(&CheckDownloadUrlDone, callback, |
| 727 callback, | |
| 728 is_content_check_supported)); | 737 is_content_check_supported)); |
| 729 return; | 738 return; |
| 730 } | 739 } |
| 731 #endif | 740 #endif |
| 732 callback.Run(content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS); | 741 callback.Run(content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS); |
| 733 } | 742 } |
| 734 | 743 |
| 735 void ChromeDownloadManagerDelegate::GetFileMimeType( | 744 void ChromeDownloadManagerDelegate::GetFileMimeType( |
| 736 const base::FilePath& path, | 745 const base::FilePath& path, |
| 737 const GetFileMimeTypeCallback& callback) { | 746 const GetFileMimeTypeCallback& callback) { |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 788 case DownloadProtectionService::DANGEROUS_HOST: | 797 case DownloadProtectionService::DANGEROUS_HOST: |
| 789 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_HOST; | 798 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_HOST; |
| 790 break; | 799 break; |
| 791 case DownloadProtectionService::POTENTIALLY_UNWANTED: | 800 case DownloadProtectionService::POTENTIALLY_UNWANTED: |
| 792 danger_type = content::DOWNLOAD_DANGER_TYPE_POTENTIALLY_UNWANTED; | 801 danger_type = content::DOWNLOAD_DANGER_TYPE_POTENTIALLY_UNWANTED; |
| 793 break; | 802 break; |
| 794 } | 803 } |
| 795 DCHECK_NE(danger_type, | 804 DCHECK_NE(danger_type, |
| 796 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT); | 805 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT); |
| 797 | 806 |
| 798 if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) | 807 if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) { |
| 799 item->OnContentCheckCompleted(danger_type); | 808 if (ShouldBlockFile(danger_type)) { |
| 809 item->OnContentCheckCompleted( | |
| 810 // Specifying a dangerous type here would take precendence over the | |
| 811 // blocking of the file. | |
| 812 content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, | |
| 813 content::DOWNLOAD_INTERRUPT_REASON_FILE_BLOCKED); | |
| 814 } else { | |
| 815 item->OnContentCheckCompleted(danger_type, | |
| 816 content::DOWNLOAD_INTERRUPT_REASON_NONE); | |
| 817 } | |
| 818 } | |
| 800 } | 819 } |
| 801 | 820 |
| 802 SafeBrowsingState* state = static_cast<SafeBrowsingState*>( | 821 SafeBrowsingState* state = static_cast<SafeBrowsingState*>( |
| 803 item->GetUserData(&kSafeBrowsingUserDataKey)); | 822 item->GetUserData(&kSafeBrowsingUserDataKey)); |
| 804 state->CompleteDownload(); | 823 state->CompleteDownload(); |
| 805 } | 824 } |
| 806 #endif // FULL_SAFE_BROWSING | 825 #endif // FULL_SAFE_BROWSING |
| 807 | 826 |
| 808 // content::NotificationObserver implementation. | 827 // content::NotificationObserver implementation. |
| 809 void ChromeDownloadManagerDelegate::Observe( | 828 void ChromeDownloadManagerDelegate::Observe( |
| (...skipping 26 matching lines...) Expand all Loading... | |
| 836 target_info->is_filetype_handled_safely) | 855 target_info->is_filetype_handled_safely) |
| 837 DownloadItemModel(item).SetShouldPreferOpeningInBrowser(true); | 856 DownloadItemModel(item).SetShouldPreferOpeningInBrowser(true); |
| 838 | 857 |
| 839 #if defined(OS_LINUX) || defined(OS_CHROMEOS) | 858 #if defined(OS_LINUX) || defined(OS_CHROMEOS) |
| 840 if (item->GetOriginalMimeType() == "application/x-x509-user-cert") | 859 if (item->GetOriginalMimeType() == "application/x-x509-user-cert") |
| 841 DownloadItemModel(item).SetShouldPreferOpeningInBrowser(true); | 860 DownloadItemModel(item).SetShouldPreferOpeningInBrowser(true); |
| 842 #endif | 861 #endif |
| 843 | 862 |
| 844 DownloadItemModel(item).SetDangerLevel(target_info->danger_level); | 863 DownloadItemModel(item).SetDangerLevel(target_info->danger_level); |
| 845 } | 864 } |
| 865 if (ShouldBlockFile(target_info->danger_type)) { | |
| 866 target_info->result = content::DOWNLOAD_INTERRUPT_REASON_FILE_BLOCKED; | |
| 867 // A dangerous type would take precendence over the blocking of the file. | |
| 868 target_info->danger_type = content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS; | |
| 869 } | |
| 870 | |
| 846 callback.Run(target_info->target_path, target_info->target_disposition, | 871 callback.Run(target_info->target_path, target_info->target_disposition, |
| 847 target_info->danger_type, target_info->intermediate_path, | 872 target_info->danger_type, target_info->intermediate_path, |
| 848 target_info->result); | 873 target_info->result); |
| 849 } | 874 } |
| 850 | 875 |
| 851 bool ChromeDownloadManagerDelegate::IsOpenInBrowserPreferreredForFile( | 876 bool ChromeDownloadManagerDelegate::IsOpenInBrowserPreferreredForFile( |
| 852 const base::FilePath& path) { | 877 const base::FilePath& path) { |
| 853 #if defined(OS_WIN) || defined(OS_LINUX) || defined(OS_MACOSX) | 878 #if defined(OS_WIN) || defined(OS_LINUX) || defined(OS_MACOSX) |
| 854 if (path.MatchesExtension(FILE_PATH_LITERAL(".pdf"))) { | 879 if (path.MatchesExtension(FILE_PATH_LITERAL(".pdf"))) { |
| 855 return !download_prefs_->ShouldOpenPdfInSystemReader(); | 880 return !download_prefs_->ShouldOpenPdfInSystemReader(); |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 870 path.MatchesExtension(FILE_PATH_LITERAL(".xht")) || | 895 path.MatchesExtension(FILE_PATH_LITERAL(".xht")) || |
| 871 path.MatchesExtension(FILE_PATH_LITERAL(".xhtm")) || | 896 path.MatchesExtension(FILE_PATH_LITERAL(".xhtm")) || |
| 872 path.MatchesExtension(FILE_PATH_LITERAL(".xhtml")) || | 897 path.MatchesExtension(FILE_PATH_LITERAL(".xhtml")) || |
| 873 path.MatchesExtension(FILE_PATH_LITERAL(".xsl")) || | 898 path.MatchesExtension(FILE_PATH_LITERAL(".xsl")) || |
| 874 path.MatchesExtension(FILE_PATH_LITERAL(".xslt"))) { | 899 path.MatchesExtension(FILE_PATH_LITERAL(".xslt"))) { |
| 875 return true; | 900 return true; |
| 876 } | 901 } |
| 877 #endif | 902 #endif |
| 878 return false; | 903 return false; |
| 879 } | 904 } |
| 905 | |
| 906 bool ChromeDownloadManagerDelegate::ShouldBlockFile( | |
| 907 content::DownloadDangerType danger_type) const { | |
| 908 DownloadPrefs::DOWNLOAD_RESTRICTION download_restriction = | |
| 909 download_prefs_->download_restriction(); | |
| 910 | |
| 911 if (download_restriction == DownloadPrefs::DOWNLOAD_RESTRICTION_ALL_FILES) | |
|
David Trainor- moved to gerrit
2017/06/12 19:09:05
Would this be cleaner as a switch statement? Fine
MAD
2017/06/12 19:45:14
I don't see a clean way of making it work well wit
| |
| 912 return true; | |
| 913 | |
| 914 if (download_restriction == DownloadPrefs::DOWNLOAD_RESTRICTION_NONE || | |
| 915 danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) { | |
| 916 return false; | |
| 917 } | |
| 918 | |
| 919 return (download_restriction == | |
| 920 DownloadPrefs::DOWNLOAD_RESTRICTION_DANGEROUS_FILES && | |
| 921 (danger_type == content::DOWNLOAD_DANGER_TYPE_DANGEROUS_CONTENT || | |
| 922 danger_type == content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE || | |
| 923 danger_type == content::DOWNLOAD_DANGER_TYPE_DANGEROUS_URL)) || | |
| 924 // DANGEROUS_HOST, UNKNOWN, POTENTIALLY & MAYBE_DANGEROUS types. | |
| 925 (download_restriction == | |
| 926 DownloadPrefs::DOWNLOAD_RESTRICTION_POTENTIALLY_DANGEROUS_FILES); | |
| 927 } | |
| OLD | NEW |
