Home | History | Annotate | Download | only in download
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include <set>
      6 #include <string>
      7 
      8 #include "chrome/browser/download/download_extensions.h"
      9 
     10 #include "base/strings/string_util.h"
     11 #include "net/base/mime_util.h"
     12 #include "net/base/net_util.h"
     13 
     14 namespace download_util {
     15 
     16 // For file extensions taken from mozilla:
     17 
     18 /* ***** BEGIN LICENSE BLOCK *****
     19  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
     20  *
     21  * The contents of this file are subject to the Mozilla Public License Version
     22  * 1.1 (the "License"); you may not use this file except in compliance with
     23  * the License. You may obtain a copy of the License at
     24  * http://www.mozilla.org/MPL/
     25  *
     26  * Software distributed under the License is distributed on an "AS IS" basis,
     27  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
     28  * for the specific language governing rights and limitations under the
     29  * License.
     30  *
     31  * The Original Code is Mozilla Communicator client code, released
     32  * March 31, 1998.
     33  *
     34  * The Initial Developer of the Original Code is
     35  * Netscape Communications Corporation.
     36  * Portions created by the Initial Developer are Copyright (C) 1998-1999
     37  * the Initial Developer. All Rights Reserved.
     38  *
     39  * Contributor(s):
     40  *   Doug Turner <dougt (at) netscape.com>
     41  *   Dean Tessman <dean_tessman (at) hotmail.com>
     42  *   Brodie Thiesfield <brofield (at) jellycan.com>
     43  *   Jungshik Shin <jshin (at) i18nl10n.com>
     44  *
     45  * Alternatively, the contents of this file may be used under the terms of
     46  * either of the GNU General Public License Version 2 or later (the "GPL"),
     47  * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
     48  * in which case the provisions of the GPL or the LGPL are applicable instead
     49  * of those above. If you wish to allow use of your version of this file only
     50  * under the terms of either the GPL or the LGPL, and not to allow others to
     51  * use your version of this file under the terms of the MPL, indicate your
     52  * decision by deleting the provisions above and replace them with the notice
     53  * and other provisions required by the GPL or the LGPL. If you do not delete
     54  * the provisions above, a recipient may use your version of this file under
     55  * the terms of any one of the MPL, the GPL or the LGPL.
     56  *
     57  * ***** END LICENSE BLOCK ***** */
     58 
     59 static const struct Executables {
     60     const char* extension;
     61     DownloadDangerLevel level;
     62 } g_executables[] = {
     63   // Some files are dangerous on all platforms.
     64   //
     65   // Flash files downloaded locally can sometimes access the local filesystem.
     66   { "swf", DANGEROUS },
     67   { "spl", DANGEROUS },
     68   // Chrome extensions should be obtained through the web store.
     69   { "crx", ALLOW_ON_USER_GESTURE },
     70 
     71   // Windows, all file categories.
     72 #if defined(OS_WIN)
     73   { "ad", ALLOW_ON_USER_GESTURE },
     74   { "ade", ALLOW_ON_USER_GESTURE },
     75   { "adp", ALLOW_ON_USER_GESTURE },
     76   { "app", ALLOW_ON_USER_GESTURE },
     77   { "application", ALLOW_ON_USER_GESTURE },
     78   { "asp", ALLOW_ON_USER_GESTURE },
     79   { "asx", ALLOW_ON_USER_GESTURE },
     80   { "bas", ALLOW_ON_USER_GESTURE },
     81   { "bat", ALLOW_ON_USER_GESTURE },
     82   { "cfg", DANGEROUS },
     83   { "chi", ALLOW_ON_USER_GESTURE },
     84   { "chm", ALLOW_ON_USER_GESTURE },
     85   { "cmd", ALLOW_ON_USER_GESTURE },
     86   { "com", ALLOW_ON_USER_GESTURE },
     87   { "cpl", ALLOW_ON_USER_GESTURE },
     88   { "crt", ALLOW_ON_USER_GESTURE },
     89   { "dll", DANGEROUS },
     90   { "drv", DANGEROUS },
     91   { "exe", ALLOW_ON_USER_GESTURE },
     92   { "fxp", ALLOW_ON_USER_GESTURE },
     93   { "grp", DANGEROUS },
     94   { "hlp", ALLOW_ON_USER_GESTURE },
     95   { "hta", ALLOW_ON_USER_GESTURE },
     96   { "htt", ALLOW_ON_USER_GESTURE },
     97   { "inf", ALLOW_ON_USER_GESTURE },
     98   { "ini", DANGEROUS },
     99   { "ins", ALLOW_ON_USER_GESTURE },
    100   { "isp", ALLOW_ON_USER_GESTURE },
    101   { "js", ALLOW_ON_USER_GESTURE },
    102   { "jse", ALLOW_ON_USER_GESTURE },
    103   { "lnk", ALLOW_ON_USER_GESTURE },
    104   { "local", DANGEROUS },
    105   { "mad", ALLOW_ON_USER_GESTURE },
    106   { "maf", ALLOW_ON_USER_GESTURE },
    107   { "mag", ALLOW_ON_USER_GESTURE },
    108   { "mam", ALLOW_ON_USER_GESTURE },
    109   { "manifest", DANGEROUS },
    110   { "maq", ALLOW_ON_USER_GESTURE },
    111   { "mar", ALLOW_ON_USER_GESTURE },
    112   { "mas", ALLOW_ON_USER_GESTURE },
    113   { "mat", ALLOW_ON_USER_GESTURE },
    114   { "mau", ALLOW_ON_USER_GESTURE },
    115   { "mav", ALLOW_ON_USER_GESTURE },
    116   { "maw", ALLOW_ON_USER_GESTURE },
    117   { "mda", ALLOW_ON_USER_GESTURE },
    118   { "mdb", ALLOW_ON_USER_GESTURE },
    119   { "mde", ALLOW_ON_USER_GESTURE },
    120   { "mdt", ALLOW_ON_USER_GESTURE },
    121   { "mdw", ALLOW_ON_USER_GESTURE },
    122   { "mdz", ALLOW_ON_USER_GESTURE },
    123   { "mht", ALLOW_ON_USER_GESTURE },
    124   { "mhtml", ALLOW_ON_USER_GESTURE },
    125   { "mmc", ALLOW_ON_USER_GESTURE },
    126   { "mof", DANGEROUS },
    127   { "msc", ALLOW_ON_USER_GESTURE },
    128   { "msh", ALLOW_ON_USER_GESTURE },
    129   { "mshxml", ALLOW_ON_USER_GESTURE },
    130   { "msi", ALLOW_ON_USER_GESTURE },
    131   { "msp", ALLOW_ON_USER_GESTURE },
    132   { "mst", ALLOW_ON_USER_GESTURE },
    133   { "ocx", DANGEROUS },
    134   { "ops", ALLOW_ON_USER_GESTURE },
    135   { "pcd", ALLOW_ON_USER_GESTURE },
    136   { "pif", ALLOW_ON_USER_GESTURE },
    137   { "plg", ALLOW_ON_USER_GESTURE },
    138   { "prf", ALLOW_ON_USER_GESTURE },
    139   { "prg", ALLOW_ON_USER_GESTURE },
    140   { "pst", ALLOW_ON_USER_GESTURE },
    141   { "reg", ALLOW_ON_USER_GESTURE },
    142   { "scf", ALLOW_ON_USER_GESTURE },
    143   { "scr", ALLOW_ON_USER_GESTURE },
    144   { "sct", ALLOW_ON_USER_GESTURE },
    145   { "shb", ALLOW_ON_USER_GESTURE },
    146   { "shs", ALLOW_ON_USER_GESTURE },
    147   { "sys", DANGEROUS },
    148   { "url", ALLOW_ON_USER_GESTURE },
    149   { "vb", ALLOW_ON_USER_GESTURE },
    150   { "vbe", ALLOW_ON_USER_GESTURE },
    151   { "vbs", ALLOW_ON_USER_GESTURE },
    152   { "vsd", ALLOW_ON_USER_GESTURE },
    153   { "vsmacros", ALLOW_ON_USER_GESTURE },
    154   { "vss", ALLOW_ON_USER_GESTURE },
    155   { "vst", ALLOW_ON_USER_GESTURE },
    156   { "vsw", ALLOW_ON_USER_GESTURE },
    157   { "ws", ALLOW_ON_USER_GESTURE },
    158   { "wsc", ALLOW_ON_USER_GESTURE },
    159   { "wsf", ALLOW_ON_USER_GESTURE },
    160   { "wsh", ALLOW_ON_USER_GESTURE },
    161   { "xbap", DANGEROUS },
    162 #endif  // OS_WIN
    163 
    164   // Java.
    165 #if !defined(OS_CHROMEOS)
    166   { "class", DANGEROUS },
    167   { "jar", DANGEROUS },
    168   { "jnlp", DANGEROUS },
    169 #endif
    170 
    171   // Scripting languages. (Shells are handled below.)
    172 #if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
    173   { "pl", ALLOW_ON_USER_GESTURE },
    174   { "py", ALLOW_ON_USER_GESTURE },
    175   { "pyc", ALLOW_ON_USER_GESTURE },
    176   { "pyw", ALLOW_ON_USER_GESTURE },
    177   { "rb", ALLOW_ON_USER_GESTURE },
    178 #endif
    179 
    180   // Shell languages. (OS_ANDROID is OS_POSIX.) OS_WIN shells are handled above.
    181 #if defined(OS_POSIX)
    182   { "bash", ALLOW_ON_USER_GESTURE },
    183   { "csh", ALLOW_ON_USER_GESTURE },
    184   { "ksh", ALLOW_ON_USER_GESTURE },
    185   { "sh", ALLOW_ON_USER_GESTURE },
    186   { "shar", ALLOW_ON_USER_GESTURE },
    187   { "tcsh", ALLOW_ON_USER_GESTURE },
    188 #endif
    189 #if defined(OS_MACOSX)
    190   { "command", ALLOW_ON_USER_GESTURE },
    191 #endif
    192 
    193   // Package management formats. OS_WIN package formats are handled above.
    194 #if defined(OS_MACOSX) || defined(OS_LINUX)
    195   { "pkg", ALLOW_ON_USER_GESTURE },
    196 #endif
    197 #if defined(OS_LINUX)
    198   { "deb", ALLOW_ON_USER_GESTURE },
    199   { "rpm", ALLOW_ON_USER_GESTURE },
    200 #endif
    201 #if defined(OS_ANDROID)
    202   { "apk", ALLOW_ON_USER_GESTURE },
    203   { "dex", ALLOW_ON_USER_GESTURE },  // Really an executable format.
    204 #endif
    205 };
    206 
    207 DownloadDangerLevel GetFileDangerLevel(const base::FilePath& path) {
    208   base::FilePath::StringType extension(path.FinalExtension());
    209   if (extension.empty())
    210     return NOT_DANGEROUS;
    211   if (!IsStringASCII(extension))
    212     return NOT_DANGEROUS;
    213 #if defined(OS_WIN)
    214   std::string ascii_extension = WideToASCII(extension);
    215 #elif defined(OS_POSIX)
    216   std::string ascii_extension = extension;
    217 #endif
    218 
    219   // Strip out leading dot if it's still there
    220   if (ascii_extension[0] == base::FilePath::kExtensionSeparator)
    221     ascii_extension.erase(0, 1);
    222 
    223   for (size_t i = 0; i < arraysize(g_executables); ++i) {
    224     if (LowerCaseEqualsASCII(ascii_extension, g_executables[i].extension))
    225       return g_executables[i].level;
    226   }
    227   return NOT_DANGEROUS;
    228 }
    229 
    230 static const char* kExecutableWhiteList[] = {
    231   // JavaScript is just as powerful as EXE.
    232   "text/javascript",
    233   "text/javascript;version=*",
    234   "text/html",
    235   // Registry files can cause critical changes to the MS OS behavior.
    236   // Addition of this mimetype also addresses bug 7337.
    237   "text/x-registry",
    238   "text/x-sh",
    239   // Some sites use binary/octet-stream to mean application/octet-stream.
    240   // See http://code.google.com/p/chromium/issues/detail?id=1573
    241   "binary/octet-stream"
    242 };
    243 
    244 static const char* kExecutableBlackList[] = {
    245   // These application types are not executable.
    246   "application/*+xml",
    247   "application/xml"
    248 };
    249 
    250 bool IsExecutableMimeType(const std::string& mime_type) {
    251   for (size_t i = 0; i < arraysize(kExecutableWhiteList); ++i) {
    252     if (net::MatchesMimeType(kExecutableWhiteList[i], mime_type))
    253       return true;
    254   }
    255   for (size_t i = 0; i < arraysize(kExecutableBlackList); ++i) {
    256     if (net::MatchesMimeType(kExecutableBlackList[i], mime_type))
    257       return false;
    258   }
    259   // We consider only other application types to be executable.
    260   return net::MatchesMimeType("application/*", mime_type);
    261 }
    262 
    263 
    264 }  // namespace download_util
    265