Chromium Code Reviews Chromium Code Reviews
Issue 750773003:
Safebrowsing download protection: also check blob URLs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/compiler_specific.h" | 8 #include "base/compiler_specific.h" |
| 9 #include "base/format_macros.h" | 9 #include "base/format_macros.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 294 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 305 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 305 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 306 // TODO(noelutz): implement some cache to make sure we don't issue the same | 306 // TODO(noelutz): implement some cache to make sure we don't issue the same |
| 307 // request over and over again if a user downloads the same binary multiple | 307 // request over and over again if a user downloads the same binary multiple |
| 308 // times. | 308 // times. |
| 309 DownloadCheckResultReason reason = REASON_MAX; | 309 DownloadCheckResultReason reason = REASON_MAX; |
| 310 if (!IsSupportedDownload( | 310 if (!IsSupportedDownload( |
| 311 *item_, item_->GetTargetFilePath(), &reason, &type_)) { | 311 *item_, item_->GetTargetFilePath(), &reason, &type_)) { |
| 312 switch (reason) { | 312 switch (reason) { |
| 313 case REASON_EMPTY_URL_CHAIN: | 313 case REASON_EMPTY_URL_CHAIN: |
| 314 case REASON_INVALID_URL: | 314 case REASON_INVALID_URL: |
| 315 case REASON_UNSUPPORTED_URL_SCHEME: | |
| 315 PostFinishTask(UNKNOWN, reason); | 316 PostFinishTask(UNKNOWN, reason); |
| 316 return; | 317 return; |
| 317 | 318 |
| 318 case REASON_NOT_BINARY_FILE: | 319 case REASON_NOT_BINARY_FILE: |
| 319 RecordFileExtensionType(item_->GetTargetFilePath()); | 320 RecordFileExtensionType(item_->GetTargetFilePath()); |
| 320 PostFinishTask(UNKNOWN, reason); | 321 PostFinishTask(UNKNOWN, reason); |
| 321 return; | 322 return; |
| 322 | 323 |
| 323 default: | 324 default: |
| 324 // We only expect the reasons explicitly handled above. | 325 // We only expect the reasons explicitly handled above. |
| (...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 455 | 456 |
| 456 static bool IsSupportedDownload(const content::DownloadItem& item, | 457 static bool IsSupportedDownload(const content::DownloadItem& item, |
| 457 const base::FilePath& target_path, | 458 const base::FilePath& target_path, |
| 458 DownloadCheckResultReason* reason, | 459 DownloadCheckResultReason* reason, |
| 459 ClientDownloadRequest::DownloadType* type) { | 460 ClientDownloadRequest::DownloadType* type) { |
| 460 if (item.GetUrlChain().empty()) { | 461 if (item.GetUrlChain().empty()) { |
| 461 *reason = REASON_EMPTY_URL_CHAIN; | 462 *reason = REASON_EMPTY_URL_CHAIN; |
| 462 return false; | 463 return false; |
| 463 } | 464 } |
| 464 const GURL& final_url = item.GetUrlChain().back(); | 465 const GURL& final_url = item.GetUrlChain().back(); |
| 465 if (!final_url.is_valid() || final_url.is_empty() || | 466 if (!final_url.is_valid() || final_url.is_empty()) { |
| 466 !final_url.IsStandard() || final_url.SchemeIsFile()) { | |
| 467 *reason = REASON_INVALID_URL; | 467 *reason = REASON_INVALID_URL; |
| 468 return false; | 468 return false; |
| 469 } | 469 } |
| 470 if ((!final_url.IsStandard() && !final_url.SchemeIsBlob()) || | |
| 471 final_url.SchemeIsFile()) { | |
| 472 *reason = REASON_UNSUPPORTED_URL_SCHEME; | |
|
noé
2014/12/03 00:56:40
What other schemes are there? Just curious.
| |
| 473 return false; | |
| 474 } | |
| 470 if (!download_protection_util::IsBinaryFile(target_path)) { | 475 if (!download_protection_util::IsBinaryFile(target_path)) { |
| 471 *reason = REASON_NOT_BINARY_FILE; | 476 *reason = REASON_NOT_BINARY_FILE; |
| 472 return false; | 477 return false; |
| 473 } | 478 } |
| 474 *type = download_protection_util::GetDownloadType(target_path); | 479 *type = download_protection_util::GetDownloadType(target_path); |
| 475 return true; | 480 return true; |
| 476 } | 481 } |
| 477 | 482 |
| 478 private: | 483 private: |
| 479 friend struct BrowserThread::DeleteOnThread<BrowserThread::UI>; | 484 friend struct BrowserThread::DeleteOnThread<BrowserThread::UI>; |
| (...skipping 625 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1105 GURL DownloadProtectionService::GetDownloadRequestUrl() { | 1110 GURL DownloadProtectionService::GetDownloadRequestUrl() { |
| 1106 GURL url(kDownloadRequestUrl); | 1111 GURL url(kDownloadRequestUrl); |
| 1107 std::string api_key = google_apis::GetAPIKey(); | 1112 std::string api_key = google_apis::GetAPIKey(); |
| 1108 if (!api_key.empty()) | 1113 if (!api_key.empty()) |
| 1109 url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true)); | 1114 url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true)); |
| 1110 | 1115 |
| 1111 return url; | 1116 return url; |
| 1112 } | 1117 } |
| 1113 | 1118 |
| 1114 } // namespace safe_browsing | 1119 } // namespace safe_browsing |
| OLD | NEW |
