Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1331)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/download/chrome_download_manager_delegate.cc

Issue 2674973003: Adding a DownloadRestrictions group policy. (Closed)
Patch Set: Test compile fix Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/download/chrome_download_manager_delegate.h ('k') | chrome/browser/download/chrome_download_manager_delegate_unittest.cc » ('j') | components/policy/resources/policy_templates.json » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/download/chrome_download_manager_delegate.cc
diff --git a/chrome/browser/download/chrome_download_manager_delegate.cc b/chrome/browser/download/chrome_download_manager_delegate.cc
index ed4157b47e5b02e224b4cfc51ddd8dd01c350957..563b96d33e566ea3cde7e4d23b86593df575d4d8 100644
--- a/chrome/browser/download/chrome_download_manager_delegate.cc
+++ b/chrome/browser/download/chrome_download_manager_delegate.cc
@@ -155,7 +155,12 @@ base::FilePath GetPlatformDownloadPath(Profile* profile,
void CheckDownloadUrlDone(
const DownloadTargetDeterminerDelegate::CheckDownloadUrlCallback& callback,
bool is_content_check_supported,
+ DownloadItem* restricted_download_item,
DownloadProtectionService::DownloadCheckResult result) {
+ // The restricted_download_item is a weak pointer that's only safe to acces on
+ // the UI thread.
+ DCHECK_CURRENTLY_ON(BrowserThread::UI);
+
content::DownloadDangerType danger_type;
if (result == DownloadProtectionService::SAFE ||
result == DownloadProtectionService::UNKNOWN) {
@@ -172,6 +177,8 @@ void CheckDownloadUrlDone(
danger_type = content::DOWNLOAD_DANGER_TYPE_DANGEROUS_URL;
}
callback.Run(danger_type);
+ // TODO(mad): Find a way to interrupt the download here when
+ // restricted_download_item is not null and danger_type is set to URL.
}
#endif // FULL_SAFE_BROWSING
@@ -347,8 +354,12 @@ bool ChromeDownloadManagerDelegate::IsDownloadReadyForCompletion(
content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT)) {
DVLOG(2) << __func__
<< "() SB service disabled. Marking download as DANGEROUS FILE";
- item->OnContentCheckCompleted(
- content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE);
+ if (ShouldBlockFile(content::DOWNLOAD_DANGER_TYPE_DANGEROUS_FILE)) {
+ item->OnContentCheckCompleted(
+ content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, true /*block_file*/);
+ } else {
+ item->OnContentCheckCompleted(danger_type, false);
+ }
UMA_HISTOGRAM_ENUMERATION("Download.DangerousFile.Reason",
SB_NOT_AVAILABLE, DANGEROUS_FILE_REASON_MAX);
content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE,
@@ -551,6 +562,11 @@ ChromeDownloadManagerDelegate::ApplicationClientIdForFileScanning() const {
return std::string(chrome::kApplicationClientIDStringForAVScanning);
}
+bool ChromeDownloadManagerDelegate::ShouldBlockAllDownloads() const {
+ return download_prefs_->download_restriction() ==
+ DownloadPrefs::DOWNLOAD_RESTRICTION_ALL_FILES;
+}
+
DownloadProtectionService*
ChromeDownloadManagerDelegate::GetDownloadProtectionService() {
DCHECK_CURRENTLY_ON(BrowserThread::UI);
@@ -662,10 +678,15 @@ void ChromeDownloadManagerDelegate::CheckDownloadUrl(
service->IsSupportedDownload(*download, suggested_path);
DVLOG(2) << __func__ << "() Start SB URL check for download = "
<< download->DebugString(false);
- service->CheckDownloadUrl(download,
- base::Bind(&CheckDownloadUrlDone,
- callback,
- is_content_check_supported));
+ DownloadItem* restricted_download_item = nullptr;
+ if (download_prefs_->download_restriction() ==
+ DownloadPrefs::DOWNLOAD_RESTRICTION_POTENTIALLY_DANGEROUS_FILES) {
+ restricted_download_item = download;
+ }
+ service->CheckDownloadUrl(
+ download,
+ base::Bind(&CheckDownloadUrlDone, callback, is_content_check_supported,
+ restricted_download_item));
return;
}
#endif
@@ -736,8 +757,16 @@ void ChromeDownloadManagerDelegate::CheckClientDownloadDone(
DCHECK_NE(danger_type,
content::DOWNLOAD_DANGER_TYPE_MAYBE_DANGEROUS_CONTENT);
- if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS)
- item->OnContentCheckCompleted(danger_type);
+ if (danger_type != content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS) {
+ if (ShouldBlockFile(danger_type)) {
+ item->OnContentCheckCompleted(
+ // Specifying a dangerous type here would take precendence over the
+ // blocking of the file.
+ content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS, true /*block_file*/);
+ } else {
+ item->OnContentCheckCompleted(danger_type, false /*block_file*/);
+ }
+ }
}
SafeBrowsingState* state = static_cast<SafeBrowsingState*>(
@@ -819,3 +848,17 @@ bool ChromeDownloadManagerDelegate::IsOpenInBrowserPreferreredForFile(
#endif
return false;
}
+
+bool ChromeDownloadManagerDelegate::ShouldBlockFile(
+ content::DownloadDangerType danger_type) const {
+ if (danger_type == content::DOWNLOAD_DANGER_TYPE_NOT_DANGEROUS)
+ return false;
+
+ DownloadPrefs::DOWNLOAD_RESTRICTION download_restriction =
+ download_prefs_->download_restriction();
+ return (download_restriction ==
+ DownloadPrefs::DOWNLOAD_RESTRICTION_DANGEROUS_FILES &&
+ danger_type == content::DOWNLOAD_DANGER_TYPE_DANGEROUS_CONTENT) ||
+ (download_restriction ==
+ DownloadPrefs::DOWNLOAD_RESTRICTION_POTENTIALLY_DANGEROUS_FILES);
+}
« no previous file with comments | « chrome/browser/download/chrome_download_manager_delegate.h ('k') | chrome/browser/download/chrome_download_manager_delegate_unittest.cc » ('j') | components/policy/resources/policy_templates.json » ('J')

Powered by Google App Engine
This is Rietveld 408576698