chrome/browser/download/download_extension_api.cc - Issue 9110042: Re-enable DownloadsApiTest.Downloads

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/download/download_extension_api.cc

Issue 9110042: Re-enable DownloadsApiTest.Downloads (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Another rebase Created 8 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/download/download_extension_api.cc

diff --git a/chrome/browser/download/download_extension_api.cc b/chrome/browser/download/download_extension_api.cc

index 3a382591be7789f937d7ca4162ad07be07100765..34055e06e2b5302cb7332feaaa0f3eb02c0f94d3 100644

--- a/chrome/browser/download/download_extension_api.cc

+++ b/chrome/browser/download/download_extension_api.cc

@@ -120,6 +120,17 @@ const char* StateString(DownloadItem::DownloadState state) {

}

+bool ValidateFilename(const string16& filename) {

+ // TODO(benjhayden): More robust validation of filename.

+ if (filename.size() >= 2u && filename[0] == L'.' && filename[1] == L'.')

+ return false;

+ if (filename.size() >= 1u && filename[0] == L'/')

+ return false;

+ return true;

} // namespace

bool DownloadsFunctionInterface::RunImplImpl(

@@ -192,30 +203,39 @@ bool DownloadsDownloadFunction::ParseArgs() {

error_ = download_extension_errors::kInvalidURLError;

return false;

}

- if (options->HasKey(kFilenameKey))

+ if (options->HasKey(kFilenameKey)) {

EXTENSION_FUNCTION_VALIDATE(options->GetString(

kFilenameKey, &iodata_->filename));

- // TODO(benjhayden): More robust validation of filename.

- if (((iodata_->filename[0] == L'.') && (iodata_->filename[1] == L'.')) ||

- (iodata_->filename[0] == L'/')) {

- error_ = download_extension_errors::kGenericError;

- return false;

+ if (!ValidateFilename(iodata_->filename)) {

+ error_ = download_extension_errors::kGenericError;

+ return false;

+ }

}

- if (options->HasKey(kSaveAsKey))

+ if (options->HasKey(kSaveAsKey)) {

EXTENSION_FUNCTION_VALIDATE(options->GetBoolean(

kSaveAsKey, &iodata_->save_as));

- if (options->HasKey(kMethodKey))

+ }

+ if (options->HasKey(kMethodKey)) {

EXTENSION_FUNCTION_VALIDATE(options->GetString(

kMethodKey, &iodata_->method));

+ }

// It's ok to use a pointer to extra_headers without DeepCopy()ing because

// |args_| (which owns *extra_headers) is guaranteed to live as long as

// |this|.

- if (options->HasKey(kHeadersKey))

+ if (options->HasKey(kHeadersKey)) {

EXTENSION_FUNCTION_VALIDATE(options->GetList(

kHeadersKey, &iodata_->extra_headers));

- if (options->HasKey(kBodyKey))

+ }

+ if (options->HasKey(kBodyKey)) {

EXTENSION_FUNCTION_VALIDATE(options->GetString(

kBodyKey, &iodata_->post_body));

+ }

if (iodata_->extra_headers != NULL) {

for (size_t index = 0; index < iodata_->extra_headers->GetSize(); ++index) {

base::DictionaryValue* header = NULL;

« no previous file with comments | « no previous file | chrome/browser/download/download_extension_apitest.cc » ('j') | no next file with comments »