| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" | 5 #include "chrome/browser/download/chrome_download_manager_delegate.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 148 // |callback| is invoked with a danger type determined as follows: | 148 // |callback| is invoked with a danger type determined as follows: |
| 149 // | 149 // |
| 150 // Danger type is (in order of preference): | 150 // Danger type is (in order of preference): |
| 151 // * DANGEROUS_URL, if the URL is a known malware site. | 151 // * DANGEROUS_URL, if the URL is a known malware site. |
| 152 // * MAYBE_DANGEROUS_CONTENT, if the content will be scanned for | 152 // * MAYBE_DANGEROUS_CONTENT, if the content will be scanned for |
| 153 // malware. I.e. |is_content_check_supported| is true. | 153 // malware. I.e. |is_content_check_supported| is true. |
| 154 // * NOT_DANGEROUS. | 154 // * NOT_DANGEROUS. |
| 155 void CheckDownloadUrlDone( | 155 void CheckDownloadUrlDone( |
| 156 const DownloadTargetDeterminerDelegate::CheckDownloadUrlCallback& callback, | 156 const DownloadTargetDeterminerDelegate::CheckDownloadUrlCallback& callback, |
| 157 bool is_content_check_supported, | 157 bool is_content_check_supported, |
| 158 DownloadItem* restricted_download_item, |
| 158 DownloadProtectionService::DownloadCheckResult result) { | 159 DownloadProtectionService::DownloadCheckResult result) { |
| 160 // The restricted_download_item is a weak pointer that's only safe to acces on |
| 161 // the UI thread. |
| 162 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 163 |
| 159 content::DownloadDangerType danger_type; | 164 content::DownloadDangerType danger_type; |
| 160 if (result == DownloadProtectionService::SAFE || | 165 if (result == DownloadProtectionService::SAFE || |
| 161 result == DownloadProtectionService::UNKNOWN) { | 166 result == DownloadProtectionService::UNKNOWN) { |
| 162 // If this type of files is handled by the enhanced SafeBrowsing download | 167 // If this type of files is handled by the enhanced SafeBrowsing download |
| 163 // protection, mark it as potentially dangerous content until we are done | 168 // protection, mark it as potentially dangerous content until we are done |
| 164 // with scanning it. | 169 // with scanning it. |
| 165 if (is_content_check_supported) | 170 if (is_content_check_supported) |
| 166 danger_type = content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT; | 171 danger_type = content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT; |
| 167 else | 172 else |
| 168 danger_type = content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS; | 173 danger_type = content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS; |
| 169 } else { | 174 } else { |
| 170 // If the URL is malicious, we'll use that as the danger type. The results | 175 // If the URL is malicious, we'll use that as the danger type. The results |
| 171 // of the content check, if one is performed, will be ignored. | 176 // of the content check, if one is performed, will be ignored. |
| 172 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_URL; | 177 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_URL; |
| 173 } | 178 } |
| 174 callback.Run(danger_type); | 179 callback.Run(danger_type); |
| 180 // TODO(mad): Find a way to interrupt the download here when |
| 181 // restricted_download_item is not null and danger_type is set to URL. |
| 175 } | 182 } |
| 176 | 183 |
| 177 #endif // FULL_SAFE_BROWSING | 184 #endif // FULL_SAFE_BROWSING |
| 178 | 185 |
| 179 // Called asynchronously to determine the MIME type for |path|. | 186 // Called asynchronously to determine the MIME type for |path|. |
| 180 std::string GetMimeType(const base::FilePath& path) { | 187 std::string GetMimeType(const base::FilePath& path) { |
| 181 std::string mime_type; | 188 std::string mime_type; |
| 182 net::GetMimeTypeFromFile(path, &mime_type); | 189 net::GetMimeTypeFromFile(path, &mime_type); |
| 183 return mime_type; | 190 return mime_type; |
| 184 } | 191 } |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 340 // In case the service was disabled between the download starting and now, | 347 // In case the service was disabled between the download starting and now, |
| 341 // we need to restore the danger state. | 348 // we need to restore the danger state. |
| 342 content::DownloadDangerType danger_type = item->GetDangerType(); | 349 content::DownloadDangerType danger_type = item->GetDangerType(); |
| 343 if (DownloadItemModel(item).GetDangerLevel() != | 350 if (DownloadItemModel(item).GetDangerLevel() != |
| 344 DownloadFileType::NOT_DANGEROUS && | 351 DownloadFileType::NOT_DANGEROUS && |
| 345 (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS || | 352 (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS || |
| 346 danger_type == | 353 danger_type == |
| 347 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT)) { | 354 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT)) { |
| 348 DVLOG(2) << __func__ | 355 DVLOG(2) << __func__ |
| 349 << "() SB service disabled. Marking download as DANGEROUS FILE"; | 356 << "() SB service disabled. Marking download as DANGEROUS FILE"; |
| 350 item->OnContentCheckCompleted( | 357 if (ShouldBlockFile(content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE)) { |
| 351 content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE); | 358 item->OnContentCheckCompleted( |
| 359 content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, true /*block_file*/); |
| 360 } else { |
| 361 item->OnContentCheckCompleted(danger_type, false); |
| 362 } |
| 352 UMA_HISTOGRAM_ENUMERATION("Download.DangerousFile.Reason", | 363 UMA_HISTOGRAM_ENUMERATION("Download.DangerousFile.Reason", |
| 353 SB_NOT_AVAILABLE, DANGEROUS_FILE_REASON_MAX); | 364 SB_NOT_AVAILABLE, DANGEROUS_FILE_REASON_MAX); |
| 354 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, | 365 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, |
| 355 internal_complete_callback); | 366 internal_complete_callback); |
| 356 return false; | 367 return false; |
| 357 } | 368 } |
| 358 } else if (!state->is_complete()) { | 369 } else if (!state->is_complete()) { |
| 359 // Don't complete the download until we have an answer. | 370 // Don't complete the download until we have an answer. |
| 360 state->set_callback(internal_complete_callback); | 371 state->set_callback(internal_complete_callback); |
| 361 return false; | 372 return false; |
| (...skipping 182 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 544 FROM_HERE, | 555 FROM_HERE, |
| 545 base::Bind(&base::PathExists, download->GetTargetFilePath()), | 556 base::Bind(&base::PathExists, download->GetTargetFilePath()), |
| 546 callback); | 557 callback); |
| 547 } | 558 } |
| 548 | 559 |
| 549 std::string | 560 std::string |
| 550 ChromeDownloadManagerDelegate::ApplicationClientIdForFileScanning() const { | 561 ChromeDownloadManagerDelegate::ApplicationClientIdForFileScanning() const { |
| 551 return std::string(chrome::kApplicationClientIDStringForAVScanning); | 562 return std::string(chrome::kApplicationClientIDStringForAVScanning); |
| 552 } | 563 } |
| 553 | 564 |
| 565 bool ChromeDownloadManagerDelegate::ShouldBlockAllDownloads() const { |
| 566 return download_prefs_->download_restriction() == |
| 567 DownloadPrefs::DOWNLOAD_RESTRICTION_ALL_FILES; |
| 568 } |
| 569 |
| 554 DownloadProtectionService* | 570 DownloadProtectionService* |
| 555 ChromeDownloadManagerDelegate::GetDownloadProtectionService() { | 571 ChromeDownloadManagerDelegate::GetDownloadProtectionService() { |
| 556 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 572 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 557 #if defined(FULL_SAFE_BROWSING) | 573 #if defined(FULL_SAFE_BROWSING) |
| 558 safe_browsing::SafeBrowsingService* sb_service = | 574 safe_browsing::SafeBrowsingService* sb_service = |
| 559 g_browser_process->safe_browsing_service(); | 575 g_browser_process->safe_browsing_service(); |
| 560 if (sb_service && sb_service->download_protection_service() && | 576 if (sb_service && sb_service->download_protection_service() && |
| 561 profile_->GetPrefs()->GetBoolean(prefs::kSafeBrowsingEnabled)) { | 577 profile_->GetPrefs()->GetBoolean(prefs::kSafeBrowsingEnabled)) { |
| 562 return sb_service->download_protection_service(); | 578 return sb_service->download_protection_service(); |
| 563 } | 579 } |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 655 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 671 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 656 | 672 |
| 657 #if defined(FULL_SAFE_BROWSING) | 673 #if defined(FULL_SAFE_BROWSING) |
| 658 safe_browsing::DownloadProtectionService* service = | 674 safe_browsing::DownloadProtectionService* service = |
| 659 GetDownloadProtectionService(); | 675 GetDownloadProtectionService(); |
| 660 if (service) { | 676 if (service) { |
| 661 bool is_content_check_supported = | 677 bool is_content_check_supported = |
| 662 service->IsSupportedDownload(*download, suggested_path); | 678 service->IsSupportedDownload(*download, suggested_path); |
| 663 DVLOG(2) << __func__ << "() Start SB URL check for download = " | 679 DVLOG(2) << __func__ << "() Start SB URL check for download = " |
| 664 << download->DebugString(false); | 680 << download->DebugString(false); |
| 665 service->CheckDownloadUrl(download, | 681 DownloadItem* restricted_download_item = nullptr; |
| 666 base::Bind(&CheckDownloadUrlDone, | 682 if (download_prefs_->download_restriction() == |
| 667 callback, | 683 DownloadPrefs::DOWNLOAD_RESTRICTION_POTENTIALLY_DANGEROUS_FILES) { |
| 668 is_content_check_supported)); | 684 restricted_download_item = download; |
| 685 } |
| 686 service->CheckDownloadUrl( |
| 687 download, |
| 688 base::Bind(&CheckDownloadUrlDone, callback, is_content_check_supported, |
| 689 restricted_download_item)); |
| 669 return; | 690 return; |
| 670 } | 691 } |
| 671 #endif | 692 #endif |
| 672 callback.Run(content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS); | 693 callback.Run(content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS); |
| 673 } | 694 } |
| 674 | 695 |
| 675 void ChromeDownloadManagerDelegate::GetFileMimeType( | 696 void ChromeDownloadManagerDelegate::GetFileMimeType( |
| 676 const base::FilePath& path, | 697 const base::FilePath& path, |
| 677 const GetFileMimeTypeCallback& callback) { | 698 const GetFileMimeTypeCallback& callback) { |
| 678 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 699 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 729 case DownloadProtectionService::DANGEROUS_HOST: | 750 case DownloadProtectionService::DANGEROUS_HOST: |
| 730 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_HOST; | 751 danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_HOST; |
| 731 break; | 752 break; |
| 732 case DownloadProtectionService::POTENTIALLY_UNWANTED: | 753 case DownloadProtectionService::POTENTIALLY_UNWANTED: |
| 733 danger_type = content::DOWNLOAD_DANGER_TYPE_POTENTIALLY_UNWANTED; | 754 danger_type = content::DOWNLOAD_DANGER_TYPE_POTENTIALLY_UNWANTED; |
| 734 break; | 755 break; |
| 735 } | 756 } |
| 736 DCHECK_NE(danger_type, | 757 DCHECK_NE(danger_type, |
| 737 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT); | 758 content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT); |
| 738 | 759 |
| 739 if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) | 760 if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) { |
| 740 item->OnContentCheckCompleted(danger_type); | 761 if (ShouldBlockFile(danger_type)) { |
| 762 item->OnContentCheckCompleted( |
| 763 // Specifying a dangerous type here would take precendence over the |
| 764 // blocking of the file. |
| 765 content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, true /*block_file*/); |
| 766 } else { |
| 767 item->OnContentCheckCompleted(danger_type, false /*block_file*/); |
| 768 } |
| 769 } |
| 741 } | 770 } |
| 742 | 771 |
| 743 SafeBrowsingState* state = static_cast<SafeBrowsingState*>( | 772 SafeBrowsingState* state = static_cast<SafeBrowsingState*>( |
| 744 item->GetUserData(&kSafeBrowsingUserDataKey)); | 773 item->GetUserData(&kSafeBrowsingUserDataKey)); |
| 745 state->CompleteDownload(); | 774 state->CompleteDownload(); |
| 746 } | 775 } |
| 747 #endif // FULL_SAFE_BROWSING | 776 #endif // FULL_SAFE_BROWSING |
| 748 | 777 |
| 749 // content::NotificationObserver implementation. | 778 // content::NotificationObserver implementation. |
| 750 void ChromeDownloadManagerDelegate::Observe( | 779 void ChromeDownloadManagerDelegate::Observe( |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 812 path.MatchesExtension(FILE_PATH_LITERAL(".xht")) || | 841 path.MatchesExtension(FILE_PATH_LITERAL(".xht")) || |
| 813 path.MatchesExtension(FILE_PATH_LITERAL(".xhtm")) || | 842 path.MatchesExtension(FILE_PATH_LITERAL(".xhtm")) || |
| 814 path.MatchesExtension(FILE_PATH_LITERAL(".xhtml")) || | 843 path.MatchesExtension(FILE_PATH_LITERAL(".xhtml")) || |
| 815 path.MatchesExtension(FILE_PATH_LITERAL(".xsl")) || | 844 path.MatchesExtension(FILE_PATH_LITERAL(".xsl")) || |
| 816 path.MatchesExtension(FILE_PATH_LITERAL(".xslt"))) { | 845 path.MatchesExtension(FILE_PATH_LITERAL(".xslt"))) { |
| 817 return true; | 846 return true; |
| 818 } | 847 } |
| 819 #endif | 848 #endif |
| 820 return false; | 849 return false; |
| 821 } | 850 } |
| 851 |
| 852 bool ChromeDownloadManagerDelegate::ShouldBlockFile( |
| 853 content::DownloadDangerType danger_type) const { |
| 854 if (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) |
| 855 return false; |
| 856 |
| 857 DownloadPrefs::DOWNLOAD_RESTRICTION download_restriction = |
| 858 download_prefs_->download_restriction(); |
| 859 return (download_restriction == |
| 860 DownloadPrefs::DOWNLOAD_RESTRICTION_DANGEROUS_FILES && |
| 861 danger_type == content::DOWNLOAD_DANGER_TYPE_DANGEROUS_CONTENT) || |
| 862 (download_restriction == |
| 863 DownloadPrefs::DOWNLOAD_RESTRICTION_POTENTIALLY_DANGEROUS_FILES); |
| 864 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2674973003:
Adding a DownloadRestrictions group policy. (Closed)
