
Side by Side Diff: chrome/browser/extensions/api/downloads/downloads_api.cc

Issue 491123004: Make sure that HttpRequestHeaders contains valid key-value pairs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: edit comment Created 6 years, 4 months ago
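--- a/chrome/browser/extensions/api/downloads/downloads_api.cc
+++ b/chrome/browser/extensions/api/downloads/downloads_api.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/api/downloads/downloads_api.h"
 
 #include <set>
 #include <string>
 
 #include "base/basictypes.h"
@@ -79,21 +79,23 @@
 
 namespace download_extension_errors {
 
 const char kEmptyFile[] = "Filename not yet determined";
 const char kFileAlreadyDeleted[] = "Download file already deleted";
 const char kFileNotRemoved[] = "Unable to remove file";
 const char kIconNotFound[] = "Icon not found";
 const char kInvalidDangerType[] = "Invalid danger type";
 const char kInvalidFilename[] = "Invalid filename";
 const char kInvalidFilter[] = "Invalid query filter";
-const char kInvalidHeader[] = "Invalid request header";
+const char kInvalidHeaderName[] = "Invalid request header name";
+const char kInvalidHeaderUnsafe[] = "Unsafe request header name";
+const char kInvalidHeaderValue[] = "Invalid request header value";
 const char kInvalidId[] = "Invalid downloadId";
 const char kInvalidOrderBy[] = "Invalid orderBy field";
 const char kInvalidQueryLimit[] = "Invalid query limit";
 const char kInvalidState[] = "Invalid state";
 const char kInvalidURL[] = "Invalid URL";
 const char kInvisibleContext[] = "Javascript execution context is not visible "
 "(tab, window, popup bubble)";
 const char kNotComplete[] = "Download must be complete";
 const char kNotDangerous[] = "Download must be dangerous";
 const char kNotInProgress[] = "Download must be in progress";
@@ -1029,22 +1031,30 @@
 if (options.save_as.get())
 download_params->set_prompt(*options.save_as.get());
 
 if (options.headers.get()) {
 typedef downloads::HeaderNameValuePair HeaderNameValuePair;
 for (std::vector<linked_ptr<HeaderNameValuePair> >::const_iterator iter =
 options.headers->begin();
 iter != options.headers->end();
 ++iter) {
 const HeaderNameValuePair& name_value = **iter;
+if (!net::HttpUtil::IsValidHeaderName(name_value.name)) {
+error_ = errors::kInvalidHeaderName;
+return false;
+}
 if (!net::HttpUtil::IsSafeHeader(name_value.name)) {
-error_ = errors::kInvalidHeader;
+error_ = errors::kInvalidHeaderUnsafe;
+return false;
+}
+if (!net::HttpUtil::IsValidHeaderValue(name_value.value)) {
+error_ = errors::kInvalidHeaderValue;
 return false;
 }
 download_params->add_request_header(name_value.name, name_value.value);
 }
 }
 
 std::string method_string =
 downloads::ToString(options.method);
 if (!method_string.empty())
 download_params->set_method(method_string);
@@ -1921,10 +1931,10 @@
 const Extension* extension,
 UnloadedExtensionInfo::Reason reason) {
 DCHECK_CURRENTLY_ON(BrowserThread::UI);
 std::set<const Extension*>::iterator iter =
 shelf_disabling_extensions_.find(extension);
 if (iter != shelf_disabling_extensions_.end())
 shelf_disabling_extensions_.erase(iter);
 }
 
 } // namespace extensions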
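Review bot: The three checks at new lines 1041-1052 have no comment explaining why extension-supplied headers are validated, and the reason is security-relevant. `options.headers` comes from the calling extension, and before this change only `IsSafeHeader` stood between it and `add_request_header`. I would add above the first check `// Headers come from the extension: reject malformed names/values (e.g. embedded CR/LF) and browser-reserved names before they reach the request.`, assuming `IsValidHeaderValue` rejects line breaks, which this page does not show. Separately, the old "Invalid request header" string is removed, so an extension that matched on that error text will now see one of three different messages; that is worth a line in the change description. The enclosing function begins and ends outside the hunk.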