| Index: content/browser/fileapi/browser_file_system_helper.cc
|
| diff --git a/content/browser/fileapi/browser_file_system_helper.cc b/content/browser/fileapi/browser_file_system_helper.cc
|
| index d51abece3bd5d9580380b34587998bdd738263f5..c74b516ae40148f82fc78ffbd7f5f1776f320f8e 100644
|
| --- a/content/browser/fileapi/browser_file_system_helper.cc
|
| +++ b/content/browser/fileapi/browser_file_system_helper.cc
|
| @@ -12,20 +12,28 @@
|
| #include "base/command_line.h"
|
| #include "base/files/file_path.h"
|
| #include "base/sequenced_task_runner.h"
|
| +#include "base/strings/utf_string_conversions.h"
|
| #include "base/threading/sequenced_worker_pool.h"
|
| #include "content/browser/child_process_security_policy_impl.h"
|
| #include "content/public/browser/browser_context.h"
|
| #include "content/public/browser/browser_thread.h"
|
| +#include "content/public/browser/child_process_security_policy.h"
|
| #include "content/public/browser/content_browser_client.h"
|
| #include "content/public/common/content_client.h"
|
| #include "content/public/common/content_switches.h"
|
| +#include "content/public/common/drop_data.h"
|
| +#include "content/public/common/url_constants.h"
|
| +#include "net/base/filename_util.h"
|
| #include "storage/browser/fileapi/external_mount_points.h"
|
| #include "storage/browser/fileapi/file_permission_policy.h"
|
| #include "storage/browser/fileapi/file_system_backend.h"
|
| #include "storage/browser/fileapi/file_system_context.h"
|
| #include "storage/browser/fileapi/file_system_operation_runner.h"
|
| #include "storage/browser/fileapi/file_system_options.h"
|
| +#include "storage/browser/fileapi/file_system_url.h"
|
| +#include "storage/browser/fileapi/isolated_context.h"
|
| #include "storage/browser/quota/quota_manager.h"
|
| +#include "url/gurl.h"
|
| #include "url/url_constants.h"
|
|
|
| namespace content {
|
| @@ -132,4 +140,84 @@ void SyncGetPlatformPath(storage::FileSystemContext* context,
|
| policy->GrantReadFile(process_id, *platform_path);
|
| }
|
|
|
| +void PrepareDropDataForChildProcess(
|
| + DropData* drop_data,
|
| + ChildProcessSecurityPolicyImpl* security_policy,
|
| + int child_id,
|
| + const storage::FileSystemContext* file_system_context) {
|
| +#if defined(OS_CHROMEOS)
|
| + // The externalfile:// scheme is used in Chrome OS to open external files in a
|
| + // browser tab.
|
| + if (drop_data->url.SchemeIs(content::kExternalFileScheme))
|
| + security_policy->GrantRequestURL(child_id, drop_data->url);
|
| +#endif
|
| +
|
| + // The filenames vector represents a capability to access the given files.
|
| + storage::IsolatedContext::FileInfoSet files;
|
| + for (auto& filename : drop_data->filenames) {
|
| + // Make sure we have the same display_name as the one we register.
|
| + if (filename.display_name.empty()) {
|
| + std::string name;
|
| + files.AddPath(filename.path, &name);
|
| + filename.display_name = base::FilePath::FromUTF8Unsafe(name);
|
| + } else {
|
| + files.AddPathWithName(filename.path,
|
| + filename.display_name.AsUTF8Unsafe());
|
| + }
|
| + // A dragged file may wind up as the value of an input element, or it
|
| + // may be used as the target of a navigation instead. We don't know
|
| + // which will happen at this point, so generously grant both access
|
| + // and request permissions to the specific file to cover both cases.
|
| + // We do not give it the permission to request all file:// URLs.
|
| + security_policy->GrantRequestSpecificFileURL(
|
| + child_id, net::FilePathToFileURL(filename.path));
|
| +
|
| + // If the renderer already has permission to read these paths, we don't need
|
| + // to re-grant them. This prevents problems with DnD for files in the CrOS
|
| + // file manager--the file manager already had read/write access to those
|
| + // directories, but dragging a file would cause the read/write access to be
|
| + // overwritten with read-only access, making them impossible to delete or
|
| + // rename until the renderer was killed.
|
| + if (!security_policy->CanReadFile(child_id, filename.path))
|
| + security_policy->GrantReadFile(child_id, filename.path);
|
| + }
|
| +
|
| + storage::IsolatedContext* isolated_context =
|
| + storage::IsolatedContext::GetInstance();
|
| + DCHECK(isolated_context);
|
| +
|
| + if (!files.fileset().empty()) {
|
| + std::string filesystem_id =
|
| + isolated_context->RegisterDraggedFileSystem(files);
|
| + if (!filesystem_id.empty()) {
|
| + // Grant the permission iff the ID is valid.
|
| + security_policy->GrantReadFileSystem(child_id, filesystem_id);
|
| + }
|
| + drop_data->filesystem_id = base::UTF8ToUTF16(filesystem_id);
|
| + }
|
| +
|
| + for (auto& file_system_file : drop_data->file_system_files) {
|
| + storage::FileSystemURL file_system_url =
|
| + file_system_context->CrackURL(file_system_file.url);
|
| +
|
| + std::string register_name;
|
| + std::string filesystem_id = isolated_context->RegisterFileSystemForPath(
|
| + file_system_url.type(), file_system_url.filesystem_id(),
|
| + file_system_url.path(), ®ister_name);
|
| +
|
| + if (!filesystem_id.empty()) {
|
| + // Grant the permission iff the ID is valid.
|
| + security_policy->GrantReadFileSystem(child_id, filesystem_id);
|
| + }
|
| +
|
| + // Note: We are using the origin URL provided by the sender here. It may be
|
| + // different from the receiver's.
|
| + file_system_file.url =
|
| + GURL(storage::GetIsolatedFileSystemRootURIString(
|
| + file_system_url.origin(), filesystem_id, std::string())
|
| + .append(register_name));
|
| + file_system_file.filesystem_id = filesystem_id;
|
| + }
|
| +}
|
| +
|
| } // namespace content
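Review bot: In the `file_system_files` loop of `PrepareDropDataForChildProcess`, the result of `file_system_context->CrackURL(file_system_file.url)` is used without a validity check, so a URL that does not crack still has its type, filesystem id and path passed to `RegisterFileSystemForPath()`. The entry's `url` is also rewritten with `GetIsolatedFileSystemRootURIString(...)` even when the returned `filesystem_id` is empty, which hands the child an isolated URL for which no read grant was made. I would skip such entries early with `if (!file_system_url.is_valid()) continue;` and rewrite `file_system_file.url` only inside the `!filesystem_id.empty()` branch. Since every path in `drop_data->filenames` becomes a `GrantRequestSpecificFileURL` plus a read grant for `child_id`, the function also deserves a header comment stating that `drop_data` must come from a trusted source, never from renderer-supplied data. The callers are outside this hunk, so I cannot confirm that this holds today.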
|
|
|