OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_file_dir_job.h" | 5 #include "net/url_request/url_request_file_dir_job.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/compiler_specific.h" | 8 #include "base/compiler_specific.h" |
9 #include "base/files/file_util.h" | |
9 #include "base/location.h" | 10 #include "base/location.h" |
10 #include "base/single_thread_task_runner.h" | 11 #include "base/single_thread_task_runner.h" |
11 #include "base/strings/sys_string_conversions.h" | 12 #include "base/strings/sys_string_conversions.h" |
12 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
14 #include "base/task_scheduler/post_task.h" | |
13 #include "base/threading/thread_task_runner_handle.h" | 15 #include "base/threading/thread_task_runner_handle.h" |
14 #include "base/time/time.h" | 16 #include "base/time/time.h" |
15 #include "net/base/directory_listing.h" | 17 #include "net/base/directory_listing.h" |
16 #include "net/base/io_buffer.h" | 18 #include "net/base/io_buffer.h" |
17 #include "net/url_request/url_request_status.h" | 19 #include "net/url_request/url_request_status.h" |
18 #include "url/gurl.h" | 20 #include "url/gurl.h" |
19 | 21 |
20 #if defined(OS_POSIX) | 22 #if defined(OS_POSIX) |
21 #include <sys/stat.h> | 23 #include <sys/stat.h> |
22 #endif | 24 #endif |
23 | 25 |
24 namespace net { | 26 namespace net { |
25 | 27 |
26 URLRequestFileDirJob::URLRequestFileDirJob(URLRequest* request, | 28 URLRequestFileDirJob::URLRequestFileDirJob(URLRequest* request, |
27 NetworkDelegate* network_delegate, | 29 NetworkDelegate* network_delegate, |
28 const base::FilePath& dir_path) | 30 const base::FilePath& dir_path) |
29 : URLRequestJob(request, network_delegate), | 31 : URLRequestJob(request, network_delegate), |
30 lister_(dir_path, this), | 32 lister_(dir_path, this), |
31 dir_path_(dir_path), | 33 dir_path_(dir_path), |
32 canceled_(false), | 34 canceled_(false), |
33 list_complete_(false), | 35 list_complete_(false), |
34 wrote_header_(false), | 36 wrote_header_(false), |
35 read_pending_(false), | 37 read_pending_(false), |
36 read_buffer_length_(0), | 38 read_buffer_length_(0), |
37 weak_factory_(this) {} | 39 weak_factory_(this) {} |
38 | 40 |
39 void URLRequestFileDirJob::StartAsync() { | 41 void URLRequestFileDirJob::StartAsync() { |
40 lister_.Start(); | 42 base::PostTaskWithTraitsAndReplyWithResult( |
41 NotifyHeadersComplete(); | 43 FROM_HERE, |
44 base::TaskTraits().MayBlock().WithShutdownBehavior( | |
45 base::TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN), | |
46 base::Bind(&base::MakeAbsoluteFilePath, dir_path_), | |
47 base::Bind(&URLRequestFileDirJob::DidMakeAbsolutePath, | |
48 weak_factory_.GetWeakPtr())); | |
mmenke
2017/04/18 17:24:46
I assume there's no security concern with this ext
satorux1
2017/04/19 07:22:22
Sorry I couldn't get your point. Could you elabora
mmenke
2017/04/19 15:18:35
Before, we didn't even access blacklisted files.
satorux1
2017/04/21 00:59:47
Thank you for explaining this to me very clearly!
| |
42 } | 49 } |
43 | 50 |
44 void URLRequestFileDirJob::Start() { | 51 void URLRequestFileDirJob::Start() { |
45 // Start reading asynchronously so that all error reporting and data | 52 // Start reading asynchronously so that all error reporting and data |
46 // callbacks happen as they would for network requests. | 53 // callbacks happen as they would for network requests. |
47 base::ThreadTaskRunnerHandle::Get()->PostTask( | 54 base::ThreadTaskRunnerHandle::Get()->PostTask( |
48 FROM_HERE, base::Bind(&URLRequestFileDirJob::StartAsync, | 55 FROM_HERE, base::Bind(&URLRequestFileDirJob::StartAsync, |
49 weak_factory_.GetWeakPtr())); | 56 weak_factory_.GetWeakPtr())); |
50 } | 57 } |
51 | 58 |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
100 // On Linux, the file system encoding is not defined, but we assume that | 107 // On Linux, the file system encoding is not defined, but we assume that |
101 // SysNativeMBToWide takes care of it at least for now. We can try something | 108 // SysNativeMBToWide takes care of it at least for now. We can try something |
102 // more sophisticated if necessary later. | 109 // more sophisticated if necessary later. |
103 const base::string16& title = base::WideToUTF16( | 110 const base::string16& title = base::WideToUTF16( |
104 base::SysNativeMBToWide(dir_path_.value())); | 111 base::SysNativeMBToWide(dir_path_.value())); |
105 #endif | 112 #endif |
106 data_.append(GetDirectoryListingHeader(title)); | 113 data_.append(GetDirectoryListingHeader(title)); |
107 wrote_header_ = true; | 114 wrote_header_ = true; |
108 } | 115 } |
109 | 116 |
117 // Do not include inaccessible files from the directory listing. | |
118 if (network_delegate() && !network_delegate()->CanAccessFile( | |
119 *request(), data.path, data.absolute_path)) { | |
120 return; | |
121 } | |
mmenke
2017/04/18 17:24:46
What's the motivation for this change? I'm not op
satorux1
2017/04/19 07:22:22
I wanted to exclude inaccessible files. Otherwise,
| |
122 | |
110 #if defined(OS_WIN) | 123 #if defined(OS_WIN) |
111 std::string raw_bytes; // Empty on Windows means UTF-8 encoded name. | 124 std::string raw_bytes; // Empty on Windows means UTF-8 encoded name. |
112 #elif defined(OS_POSIX) | 125 #elif defined(OS_POSIX) |
113 // TOOD(jungshik): The same issue as for the directory name. | 126 // TOOD(jungshik): The same issue as for the directory name. |
114 base::FilePath filename = data.info.GetName(); | 127 base::FilePath filename = data.info.GetName(); |
115 const std::string& raw_bytes = filename.value(); | 128 const std::string& raw_bytes = filename.value(); |
116 #endif | 129 #endif |
117 data_.append(GetDirectoryListingEntry( | 130 data_.append(GetDirectoryListingEntry( |
118 data.info.GetName().LossyDisplayName(), | 131 data.info.GetName().LossyDisplayName(), |
119 raw_bytes, | 132 raw_bytes, |
120 data.info.IsDirectory(), | 133 data.info.IsDirectory(), |
121 data.info.GetSize(), | 134 data.info.GetSize(), |
122 data.info.GetLastModifiedTime())); | 135 data.info.GetLastModifiedTime())); |
123 | 136 |
124 // TODO(darin): coalesce more? | 137 // TODO(darin): coalesce more? |
125 CompleteRead(OK); | 138 CompleteRead(OK); |
126 } | 139 } |
127 | 140 |
128 void URLRequestFileDirJob::OnListDone(int error) { | 141 void URLRequestFileDirJob::OnListDone(int error) { |
129 DCHECK(!canceled_); | 142 DCHECK(!canceled_); |
130 DCHECK_LE(error, OK); | 143 DCHECK_LE(error, OK); |
131 | 144 |
132 list_complete_ = true; | 145 list_complete_ = true; |
133 list_complete_result_ = static_cast<Error>(error); | 146 list_complete_result_ = static_cast<Error>(error); |
134 CompleteRead(list_complete_result_); | 147 CompleteRead(list_complete_result_); |
135 } | 148 } |
136 | 149 |
137 URLRequestFileDirJob::~URLRequestFileDirJob() {} | 150 URLRequestFileDirJob::~URLRequestFileDirJob() {} |
138 | 151 |
152 void URLRequestFileDirJob::DidMakeAbsolutePath( | |
153 const base::FilePath& absolute_path) { | |
154 if (network_delegate() && !network_delegate()->CanAccessFile( | |
155 *request(), dir_path_, absolute_path)) { | |
156 NotifyStartError( | |
157 URLRequestStatus(URLRequestStatus::FAILED, ERR_ACCESS_DENIED)); | |
mmenke
2017/04/18 17:24:46
URLRequestStatus::FromError(ERR_ACCESS_DENIED) is
satorux1
2017/04/19 07:22:23
Thanks. Fixed locally.
| |
158 return; | |
159 } | |
160 | |
161 lister_.Start(); | |
162 NotifyHeadersComplete(); | |
163 } | |
164 | |
139 void URLRequestFileDirJob::CompleteRead(Error error) { | 165 void URLRequestFileDirJob::CompleteRead(Error error) { |
140 DCHECK_LE(error, OK); | 166 DCHECK_LE(error, OK); |
141 DCHECK_NE(error, ERR_IO_PENDING); | 167 DCHECK_NE(error, ERR_IO_PENDING); |
142 | 168 |
143 // Do nothing if there is no read pending. | 169 // Do nothing if there is no read pending. |
144 if (!read_pending_) | 170 if (!read_pending_) |
145 return; | 171 return; |
146 | 172 |
147 int result = error; | 173 int result = error; |
148 if (error == OK) { | 174 if (error == OK) { |
(...skipping 20 matching lines...) Expand all Loading... | |
169 data_.erase(0, count); | 195 data_.erase(0, count); |
170 return count; | 196 return count; |
171 } else if (list_complete_) { | 197 } else if (list_complete_) { |
172 // EOF | 198 // EOF |
173 return list_complete_result_; | 199 return list_complete_result_; |
174 } | 200 } |
175 return ERR_IO_PENDING; | 201 return ERR_IO_PENDING; |
176 } | 202 } |
177 | 203 |
178 } // namespace net | 204 } // namespace net |
OLD | NEW |