Prevent files saved via the "Save as..." page menu item from

being named maliciously.  This is mainly copying some code from
the download manager because it seems like a pretty large task to
refactor the save-as code right now.

Here's a demo page:
http://ponderer.org/tests/title-with-.exe.html

Clean up the naming convention of register prefs for the
safe browsing service to make it more like the other
register methods.

Review URL: http://codereview.chromium.org/16523

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@7595 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 6 insertions, 0 deletions

diff --git a/chrome/browser/download/download_manager.h b/chrome/browser/download/download_manager.h
index e2d3b5b..959fe82 100644
--- a/chrome/browser/download/download_manager.h
+++ b/chrome/browser/download/download_manager.h
@@ -407,6 +407,12 @@ class DownloadManager : public base::RefCountedThreadSafe<DownloadManager>,
   // Called when the user has validated the donwload of a dangerous file.
   void DangerousDownloadValidated(DownloadItem* download);
 
+  // Used to make sure we have a safe file extension and filename for a
+  // download.  |file_name| can either be just the file name or it can be a
+  // full path to a file.
+  void GenerateSafeFilename(const std::string& mime_type,
+                            std::wstring* file_name);
+
  private:
   // Shutdown the download manager.  This call is needed only after Init.
   void Shutdown();