authorpkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-05-24 23:14:15 +0000
committerpkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-05-24 23:14:15 +0000
commit8800800697a3463b8ebcdb86acad746943088b70 (patch)
treee88e7b8119079a4f0b066743b37612f570723bdb /chrome/browser/download/download_history.cc
parent30fc7a827148fe22782fc8202e9c8602d1448a01 (diff)
For downloads requiring a user gesture, also require the user to have visited the site before today, to hamper attackers.
BUG=81741 TEST=.exe downloads on Windows triggered by an explicit link click should prompt you to confirm iff they are hosted on a site you have not visited before today. Review URL: http://codereview.chromium.org/7065015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86518 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/download/download_history.cc')
-rw-r--r--chrome/browser/download/download_history.cc38
1 files changed, 33 insertions, 5 deletions
diff --git a/chrome/browser/download/download_history.cc b/chrome/browser/download/download_history.cc
index b19f240..e546917 100644
--- a/chrome/browser/download/download_history.cc
+++ b/chrome/browser/download/download_history.cc
@@ -39,6 +39,25 @@ void DownloadHistory::Load(HistoryService::DownloadQueryCallback* callback) {
hs->CleanUpInProgressEntries();
}
+void DownloadHistory::CheckVisitedReferrerBefore(
+ int32 download_id,
+ const GURL& referrer_url,
+ VisitedBeforeDoneCallback* callback) {
+ DCHECK(callback);
+
+ if (referrer_url.is_valid()) {
+ HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
+ if (hs) {
+ HistoryService::Handle handle = hs->GetVisitCountToHost(referrer_url,
+ &history_consumer_,
+ NewCallback(this, &DownloadHistory::OnGotVisitCountToHost));
+ visited_before_requests_[handle] = std::make_pair(download_id, callback);
+ return;
+ }
+ }
+ callback->Run(download_id, false);
+}
+
void DownloadHistory::AddEntry(
DownloadItem* download_item,
HistoryService::DownloadCreateCallback* callback) {
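Review bot: The fall-through `callback->Run(download_id, false);` at the end of CheckVisitedReferrerBefore is the security-relevant default, but nothing in the code says so. An invalid or empty referrer and a missing HistoryService both report "not visited before", which, going by the commit description, is the outcome that makes the user confirm. I would put `// Fail safe: no usable referrer or no history service means "not visited before".` above that line so a later refactor does not flip the default. The function comment should also state that the lookup is keyed on the referrer's host (`GetVisitCountToHost(referrer_url, ...)`), not on the download URL's. It is not visible from this hunk who deletes `callback`, or what happens to the `visited_before_requests_` entry if the history request is cancelled before it completes; both are worth confirming against the header.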
@@ -52,7 +71,6 @@ void DownloadHistory::AddEntry(
// handles, so we use a negative value. Eventually, they could overlap, but
// you'd have to do enough downloading that your ISP would likely stab you in
// the neck first. YMMV.
- // TODO(paulg) see bug 958058. EXPLICIT_ACCESS below is wrong.
HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
if (download_item->is_otr() || download_item->is_extension_install() ||
download_item->is_temporary() || !hs) {
@@ -74,7 +92,6 @@ void DownloadHistory::UpdateEntry(DownloadItem* download_item) {
if (download_item->db_handle() <= kUninitializedHandle)
return;
- // TODO(paulg) see bug 958058. EXPLICIT_ACCESS below is wrong.
HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
if (!hs)
return;
@@ -90,7 +107,6 @@ void DownloadHistory::UpdateDownloadPath(DownloadItem* download_item,
if (download_item->db_handle() <= kUninitializedHandle)
return;
- // TODO(paulg) see bug 958058. EXPLICIT_ACCESS below is wrong.
HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
if (hs)
hs->UpdateDownloadPath(new_path, download_item->db_handle());
@@ -101,7 +117,6 @@ void DownloadHistory::RemoveEntry(DownloadItem* download_item) {
if (download_item->db_handle() <= kUninitializedHandle)
return;
- // TODO(paulg) see bug 958058. EXPLICIT_ACCESS below is wrong.
HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
if (hs)
hs->RemoveDownload(download_item->db_handle());
@@ -109,7 +124,6 @@ void DownloadHistory::RemoveEntry(DownloadItem* download_item) {
void DownloadHistory::RemoveEntriesBetween(const base::Time remove_begin,
const base::Time remove_end) {
- // TODO(paulg) see bug 958058. EXPLICIT_ACCESS below is wrong.
HistoryService* hs = profile_->GetHistoryService(Profile::EXPLICIT_ACCESS);
if (hs)
hs->RemoveDownloadsBetween(remove_begin, remove_end);
@@ -118,3 +132,17 @@ void DownloadHistory::RemoveEntriesBetween(const base::Time remove_begin,
int64 DownloadHistory::GetNextFakeDbHandle() {
return next_fake_db_handle_--;
}
+
+void DownloadHistory::OnGotVisitCountToHost(HistoryService::Handle handle,
+ bool found_visits,
+ int count,
+ base::Time first_visit) {
+ VisitedBeforeRequestsMap::iterator request =
+ visited_before_requests_.find(handle);
+ DCHECK(request != visited_before_requests_.end());
+ int32 download_id = request->second.first;
+ VisitedBeforeDoneCallback* callback = request->second.second;
+ visited_before_requests_.erase(request);
+ callback->Run(download_id, found_visits && count &&
+ (first_visit.LocalMidnight() < base::Time::Now().LocalMidnight()));
+}
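Review bot: In OnGotVisitCountToHost the only guard against an unknown handle is `DCHECK(request != visited_before_requests_.end());`, which is compiled out of release builds, so the `request->second.first` on the next line would dereference `end()` if the handle were ever missing. Adding `if (request == visited_before_requests_.end()) return;` after the DCHECK keeps the release build defined. The "before today" test, `first_visit.LocalMidnight() < base::Time::Now().LocalMidnight()`, depends on the local wall clock and time zone, so a clock or zone change can shift the result. A short comment saying that this is accepted would help the next reader judge how strong the signal is. `callback` is run here but not deleted, so if VisitedBeforeDoneCallback is heap-allocated and owned by the receiver (not visible in this hunk) it leaks.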