author | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-06 23:49:13 +0000 |
---|---|---|
committer | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-06 23:49:13 +0000 |
commit | cd448093b26be45c8e32696a83dc0bbd5504eb22 (patch) | |
tree | d6071377e41bdb80efba231c0cf8fa90b4ad7f49 /chrome/browser/download | |
parent | 1d11be7dc39b207e0ab43508771b2ffd1d205e07 (diff) | |
Modify the "dangerous download" algorithm as follows. Original patch by Pierre-Antoine LaFayette (see http://codereview.chromium.org/1403001/ ), r=me,brettw,aa.
Downloads are considered dangerous if:
a) The file is dangerous just by sitting on the drive, without needing to be clicked on, e.g. dll, xbap.
b) The file is executable and the download was not user initiated.
c) The file is an extension that is not from the gallery.
We have defined a user initiated download as 3 possible cases:
a) A user enters a URL into the address bar that is a file
b) A user left clicks on a URL that is a file
c) A user right clicks and does "Save As" on a URL that is a file.
BUG=9044
TEST=Open a page with a download link to a dangerous file that is not an extension, e.g. an .exe file, and left click on the link. The download should proceed without a prompt.
Review URL: http://codereview.chromium.org/5603008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@68406 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/download')
-rw-r--r-- | chrome/browser/download/download_exe.cc | 241 | ||||
-rw-r--r-- | chrome/browser/download/download_extensions.cc | 258 | ||||
-rw-r--r-- | chrome/browser/download/download_extensions.h | 39 | ||||
-rw-r--r-- | chrome/browser/download/download_item.cc | 3 | ||||
-rw-r--r-- | chrome/browser/download/download_manager.cc | 3 | ||||
-rw-r--r-- | chrome/browser/download/download_prefs.cc | 5 | ||||
-rw-r--r-- | chrome/browser/download/download_util.cc | 13 | ||||
-rw-r--r-- | chrome/browser/download/download_util.h | 11 |
8 files changed, 313 insertions, 260 deletions
diff --git a/chrome/browser/download/download_exe.cc b/chrome/browser/download/download_exe.cc
deleted file mode 100644
index 8111f5d..0000000
--- a/chrome/browser/download/download_exe.cc
+++ /dev/null
@@ -1,241 +0,0 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include <set> -#include <string> - -#include "chrome/browser/download/download_util.h" - -#include "base/string_util.h" -#include "net/base/mime_util.h" -#include "net/base/net_util.h" - -namespace download_util { - -// For file extensions taken from mozilla: - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is Mozilla Communicator client code, released - * March 31, 1998. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998-1999 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * Doug Turner <dougt@netscape.com> - * Dean Tessman <dean_tessman@hotmail.com> - * Brodie Thiesfield <brofield@jellycan.com> - * Jungshik Shin <jshin@i18nl10n.com> - * - * Alternatively, the contents of this file may be used under the terms of - * either of the GNU General Public License Version 2 or later (the "GPL"), - * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. 
If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -static const char* const g_executables[] = { - "class", - "htm", - "html", - "jar", - "pdf", - "pdfxml", - "mars", - "fdf", - "xfdf", - "xdp", - "xfd", - "pl", - "py", - "rb", - "shtm", - "shtml", - "svg", - "swf", - "xht", - "xhtm", - "xhtml", - "xml", - "xsl", - "xslt", -#if defined(OS_WIN) - "ad", - "ade", - "adp", - "app", - "application", - "asp", - "asx", - "bas", - "bat", - "chm", - "cmd", - "com", - "cpl", - "crt", - "dll", - "exe", - "fxp", - "hlp", - "hta", - "htt", - "inf", - "ins", - "isp", - "js", - "jse", - "lnk", - "mad", - "maf", - "mag", - "mam", - "maq", - "mar", - "mas", - "mat", - "mau", - "mav", - "maw", - "mda", - "mdb", - "mde", - "mdt", - "mdw", - "mdz", - "mht", - "mhtml", - "msc", - "msh", - "mshxml", - "msi", - "msp", - "mst", - "ocx", - "ops", - "pcd", - "pif", - "plg", - "prf", - "prg", - "pst", - "reg", - "scf", - "scr", - "sct", - "shb", - "shs", - "url", - "vb", - "vbe", - "vbs", - "vsd", - "vsmacros", - "vss", - "vst", - "vsw", - "ws", - "wsc", - "wsf", - "wsh", - "xbap", -#elif defined(OS_MACOSX) - // TODO(thakis): Figure out what makes sense here -- crbug.com/19096 - "app", - "dmg", -#elif defined(OS_POSIX) - // TODO(estade): lengthen this list. 
- "bash", - "csh", - "deb", - "exe", - "ksh", - "rpm", - "sh", - "tcsh", -#endif -}; - -bool IsExecutableFile(const FilePath& path) { - return IsExecutableExtension(path.Extension()); -} - -bool IsExecutableExtension(const FilePath::StringType& extension) { - if (extension.empty()) - return false; - if (!IsStringASCII(extension)) - return false; -#if defined(OS_WIN) - std::string ascii_extension = WideToASCII(extension); -#elif defined(OS_POSIX) - std::string ascii_extension = extension; -#endif - - // Strip out leading dot if it's still there - if (ascii_extension[0] == FilePath::kExtensionSeparator) - ascii_extension.erase(0, 1); - - for (size_t i = 0; i < arraysize(g_executables); ++i) { - if (LowerCaseEqualsASCII(ascii_extension, g_executables[i])) - return true; - } - return false; -} - -static const char* kExecutableWhiteList[] = { - // JavaScript is just as powerful as EXE. - "text/javascript", - "text/javascript;version=*", - "text/html", - // Registry files can cause critical changes to the MS OS behavior. - // Addition of this mimetype also addresses bug 7337. - "text/x-registry", - "text/x-sh", - // Some sites use binary/octet-stream to mean application/octet-stream. - // See http://code.google.com/p/chromium/issues/detail?id=1573 - "binary/octet-stream" -}; - -static const char* kExecutableBlackList[] = { - // These application types are not executable. - "application/*+xml", - "application/xml" -}; - -bool IsExecutableMimeType(const std::string& mime_type) { - for (size_t i = 0; i < arraysize(kExecutableWhiteList); ++i) { - if (net::MatchesMimeType(kExecutableWhiteList[i], mime_type)) - return true; - } - for (size_t i = 0; i < arraysize(kExecutableBlackList); ++i) { - if (net::MatchesMimeType(kExecutableBlackList[i], mime_type)) - return false; - } - // We consider only other application types to be executable. - return net::MatchesMimeType("application/*", mime_type); -} - - -} // namespace download_util 
diff --git a/chrome/browser/download/download_extensions.cc b/chrome/browser/download/download_extensions.cc
new file mode 100644
index 0000000..f246b1d7
--- /dev/null
+++ b/chrome/browser/download/download_extensions.cc
@@ -0,0 +1,258 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include <set> +#include <string> + +#include "chrome/browser/download/download_extensions.h" + +#include "base/string_util.h" +#include "net/base/mime_util.h" +#include "net/base/net_util.h" + +namespace download_util { + +// For file extensions taken from mozilla: + +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is Mozilla Communicator client code, released + * March 31, 1998. + * + * The Initial Developer of the Original Code is + * Netscape Communications Corporation. + * Portions created by the Initial Developer are Copyright (C) 1998-1999 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * Doug Turner <dougt@netscape.com> + * Dean Tessman <dean_tessman@hotmail.com> + * Brodie Thiesfield <brofield@jellycan.com> + * Jungshik Shin <jshin@i18nl10n.com> + * + * Alternatively, the contents of this file may be used under the terms of + * either of the GNU General Public License Version 2 or later (the "GPL"), + * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. 
If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +static const struct Executables { + const char* extension; + DownloadDangerLevel level; +} g_executables[] = { + { "class", AllowOnUserGesture }, + { "htm", AllowOnUserGesture }, + { "html", AllowOnUserGesture }, + { "jar", AllowOnUserGesture }, + { "jnlp", AllowOnUserGesture }, + { "pdf", AllowOnUserGesture }, + { "pdfxml", AllowOnUserGesture }, + { "mars", AllowOnUserGesture }, + { "fdf", AllowOnUserGesture }, + { "xfdf", AllowOnUserGesture }, + { "xdp", AllowOnUserGesture }, + { "xfd", AllowOnUserGesture }, + { "pl", AllowOnUserGesture }, + { "py", AllowOnUserGesture }, + { "rb", AllowOnUserGesture }, + { "shtm", AllowOnUserGesture }, + { "shtml", AllowOnUserGesture }, + { "svg", AllowOnUserGesture }, + { "swf", AllowOnUserGesture }, + { "xht", AllowOnUserGesture }, + { "xhtm", AllowOnUserGesture }, + { "xhtml", AllowOnUserGesture }, + { "xml", AllowOnUserGesture }, + { "xsl", AllowOnUserGesture }, + { "xslt", AllowOnUserGesture }, +#if defined(OS_WIN) + { "ad", AllowOnUserGesture }, + { "ade", AllowOnUserGesture }, + { "adp", AllowOnUserGesture }, + { "app", AllowOnUserGesture }, + { "application", AllowOnUserGesture }, + { "asp", AllowOnUserGesture }, + { "asx", AllowOnUserGesture }, + { "bas", AllowOnUserGesture }, + { "bat", AllowOnUserGesture }, + { "chi", AllowOnUserGesture }, + { "chm", AllowOnUserGesture }, + { "cmd", AllowOnUserGesture }, + { "com", AllowOnUserGesture }, + { "cpl", AllowOnUserGesture }, + { 
"crt", AllowOnUserGesture }, + { "dll", Dangerous }, + { "drv", Dangerous }, + { "exe", AllowOnUserGesture }, + { "fxp", AllowOnUserGesture }, + { "hlp", AllowOnUserGesture }, + { "hta", AllowOnUserGesture }, + { "htt", AllowOnUserGesture }, + { "inf", AllowOnUserGesture }, + { "ins", AllowOnUserGesture }, + { "isp", AllowOnUserGesture }, + { "js", AllowOnUserGesture }, + { "jse", AllowOnUserGesture }, + { "lnk", AllowOnUserGesture }, + { "mad", AllowOnUserGesture }, + { "maf", AllowOnUserGesture }, + { "mag", AllowOnUserGesture }, + { "mam", AllowOnUserGesture }, + { "maq", AllowOnUserGesture }, + { "mar", AllowOnUserGesture }, + { "mas", AllowOnUserGesture }, + { "mat", AllowOnUserGesture }, + { "mau", AllowOnUserGesture }, + { "mav", AllowOnUserGesture }, + { "maw", AllowOnUserGesture }, + { "mda", AllowOnUserGesture }, + { "mdb", AllowOnUserGesture }, + { "mde", AllowOnUserGesture }, + { "mdt", AllowOnUserGesture }, + { "mdw", AllowOnUserGesture }, + { "mdz", AllowOnUserGesture }, + { "mht", AllowOnUserGesture }, + { "mhtml", AllowOnUserGesture }, + { "mmc", AllowOnUserGesture }, + { "msc", AllowOnUserGesture }, + { "msh", AllowOnUserGesture }, + { "mshxml", AllowOnUserGesture }, + { "msi", AllowOnUserGesture }, + { "msp", AllowOnUserGesture }, + { "mst", AllowOnUserGesture }, + { "ocx", AllowOnUserGesture }, + { "ops", AllowOnUserGesture }, + { "pcd", AllowOnUserGesture }, + { "pif", AllowOnUserGesture }, + { "plg", AllowOnUserGesture }, + { "prf", AllowOnUserGesture }, + { "prg", AllowOnUserGesture }, + { "pst", AllowOnUserGesture }, + { "reg", AllowOnUserGesture }, + { "scf", AllowOnUserGesture }, + { "scr", AllowOnUserGesture }, + { "sct", AllowOnUserGesture }, + { "shb", AllowOnUserGesture }, + { "shs", AllowOnUserGesture }, + { "sys", Dangerous }, + { "url", AllowOnUserGesture }, + { "vb", AllowOnUserGesture }, + { "vbe", AllowOnUserGesture }, + { "vbs", AllowOnUserGesture }, + { "vsd", AllowOnUserGesture }, + { "vsmacros", AllowOnUserGesture }, + { 
"vss", AllowOnUserGesture }, + { "vst", AllowOnUserGesture }, + { "vsw", AllowOnUserGesture }, + { "ws", AllowOnUserGesture }, + { "wsc", AllowOnUserGesture }, + { "wsf", AllowOnUserGesture }, + { "wsh", AllowOnUserGesture }, + { "xbap", Dangerous }, +#elif defined(OS_MACOSX) + // TODO(thakis): Figure out what makes sense here -- crbug.com/19096 + { "app", AllowOnUserGesture }, + { "dmg", AllowOnUserGesture }, +#elif defined(OS_POSIX) + // TODO(estade): lengthen this list. + { "bash", AllowOnUserGesture }, + { "csh", AllowOnUserGesture }, + { "deb", AllowOnUserGesture }, + { "exe", AllowOnUserGesture }, + { "ksh", AllowOnUserGesture }, + { "rpm", AllowOnUserGesture }, + { "sh", AllowOnUserGesture }, + { "tcsh", AllowOnUserGesture }, +#endif +}; + +DownloadDangerLevel GetFileDangerLevel(const FilePath& path) { + return GetFileExtensionDangerLevel(path.Extension()); +} + +DownloadDangerLevel GetFileExtensionDangerLevel( + const FilePath::StringType& extension) { + if (extension.empty()) + return NotDangerous; + if (!IsStringASCII(extension)) + return NotDangerous; +#if defined(OS_WIN) + std::string ascii_extension = WideToASCII(extension); +#elif defined(OS_POSIX) + std::string ascii_extension = extension; +#endif + + // Strip out leading dot if it's still there + if (ascii_extension[0] == FilePath::kExtensionSeparator) + ascii_extension.erase(0, 1); + + for (size_t i = 0; i < arraysize(g_executables); ++i) { + if (LowerCaseEqualsASCII(ascii_extension, g_executables[i].extension)) + return g_executables[i].level; + } + return NotDangerous; +} + +bool IsFileExtensionSafe(const FilePath::StringType& extension) { + return GetFileExtensionDangerLevel(extension) == NotDangerous; +} + +bool IsFileSafe(const FilePath& path) { + return GetFileDangerLevel(path) == NotDangerous; +} + +static const char* kExecutableWhiteList[] = { + // JavaScript is just as powerful as EXE. 
+ "text/javascript", + "text/javascript;version=*", + "text/html", + // Registry files can cause critical changes to the MS OS behavior. + // Addition of this mimetype also addresses bug 7337. + "text/x-registry", + "text/x-sh", + // Some sites use binary/octet-stream to mean application/octet-stream. + // See http://code.google.com/p/chromium/issues/detail?id=1573 + "binary/octet-stream" +}; + +static const char* kExecutableBlackList[] = { + // These application types are not executable. + "application/*+xml", + "application/xml" +}; + +bool IsExecutableMimeType(const std::string& mime_type) { + for (size_t i = 0; i < arraysize(kExecutableWhiteList); ++i) { + if (net::MatchesMimeType(kExecutableWhiteList[i], mime_type)) + return true; + } + for (size_t i = 0; i < arraysize(kExecutableBlackList); ++i) { + if (net::MatchesMimeType(kExecutableBlackList[i], mime_type)) + return false; + } + // We consider only other application types to be executable. + return net::MatchesMimeType("application/*", mime_type); +} + + +} // namespace download_util diff --git a/chrome/browser/download/download_extensions.h b/chrome/browser/download/download_extensions.h new file mode 100644 index 0000000..3a7c557 --- /dev/null +++ b/chrome/browser/download/download_extensions.h 
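Review bot: GetFileDangerLevel classifies on `path.Extension()` as given, and GetFileExtensionDangerLevel returns NotDangerous for an empty, non-ASCII or unlisted extension, so the verdict is only as good as the normalisation done before the call. A suggested name that ends in a dot or a space would presumably produce an extension that matches nothing in `g_executables`, while Windows drops such trailing characters when the file is created; whether `suggested_path` is sanitised upstream is not visible in this diff. Strip trailing `.` and space characters from the base name before taking the extension, or record the precondition on GetFileDangerLevel with `// |path| must be the final, sanitised file name; trailing dots and spaces are not stripped here.`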
@@ -0,0 +1,39 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_DOWNLOAD_DOWNLOAD_EXTENSIONS_H_ +#define CHROME_BROWSER_DOWNLOAD_DOWNLOAD_EXTENSIONS_H_ +#pragma once + +#include <string> + +#include "base/file_path.h" + +namespace download_util { + +enum DownloadDangerLevel { + NotDangerous, + AllowOnUserGesture, + Dangerous +}; + +// Determine the download danger level of a file. +DownloadDangerLevel GetFileDangerLevel(const FilePath& path); + +// Determine the download danger level using a file extension. +DownloadDangerLevel GetFileExtensionDangerLevel( + const FilePath::StringType& extension); + +// True if the download danger level of the file is NotDangerous. +bool IsFileSafe(const FilePath& path); + +// True if the download danger level of the extension is NotDangerous. +bool IsFileExtensionSafe(const FilePath::StringType& extension); + +// Tests if we think the server means for this mime_type to be executable. +bool IsExecutableMimeType(const std::string& mime_type); + +} // namespace download_util + +#endif // CHROME_BROWSER_DOWNLOAD_DOWNLOAD_EXTENSIONS_H_ diff --git a/chrome/browser/download/download_item.cc b/chrome/browser/download/download_item.cc index 7d3afb0..2feba50 100644 --- a/chrome/browser/download/download_item.cc +++ b/chrome/browser/download/download_item.cc @@ -13,6 +13,7 @@ #include "base/utf_string_conversions.h" #include "net/base/net_util.h" #include "chrome/browser/browser_thread.h" +#include "chrome/browser/download/download_extensions.h" #include "chrome/browser/download/download_file_manager.h" #include "chrome/browser/download/download_history.h" #include "chrome/browser/download/download_manager.h" 
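Review bot: The three DownloadDangerLevel enumerators have no comments, yet every prompt decision depends on telling them apart, and their only definition is in the commit message. I would add `// Harmful only when opened; prompt unless the user initiated the download.` above AllowOnUserGesture and `// Harmful just by being on disk; always prompt.` above Dangerous. The comments on IsFileSafe and IsFileExtensionSafe should also say that "safe" means only that the extension is not in the table, since neither function looks at the file's content.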
@@ -196,7 +197,7 @@ void DownloadItem::NotifyObserversDownloadFileCompleted() { bool DownloadItem::CanOpenDownload() { return !Extension::IsExtension(target_name_) && - !download_util::IsExecutableFile(target_name_); + download_util::IsFileSafe(target_name_); } bool DownloadItem::ShouldOpenFileBasedOnExtension() { diff --git a/chrome/browser/download/download_manager.cc b/chrome/browser/download/download_manager.cc index c2b63f3..133ca29 100644 --- a/chrome/browser/download/download_manager.cc +++ b/chrome/browser/download/download_manager.cc @@ -20,6 +20,7 @@ #include "chrome/browser/browser_list.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/browser_thread.h" +#include "chrome/browser/download/download_extensions.h" #include "chrome/browser/download/download_file_manager.h" #include "chrome/browser/download/download_history.h" #include "chrome/browser/download/download_item.h" @@ -836,7 +837,7 @@ bool DownloadManager::ShouldOpenFileBasedOnExtension( FilePath::StringType extension = path.Extension(); if (extension.empty()) return false; - if (download_util::IsExecutableExtension(extension)) + if (!download_util::IsFileExtensionSafe(extension)) return false; if (Extension::IsExtension(path)) return false; diff --git a/chrome/browser/download/download_prefs.cc b/chrome/browser/download/download_prefs.cc index 7da48de..b4f9ddc 100644 --- a/chrome/browser/download/download_prefs.cc +++ b/chrome/browser/download/download_prefs.cc @@ -10,6 +10,7 @@ #include "base/sys_string_conversions.h" #include "base/utf_string_conversions.h" #include "chrome/browser/browser_thread.h" +#include "chrome/browser/download/download_extensions.h" #include "chrome/browser/download/download_util.h" #include "chrome/browser/prefs/pref_service.h" #include "chrome/common/pref_names.h" 
@@ -31,7 +32,7 @@ DownloadPrefs::DownloadPrefs(PrefService* prefs) : prefs_(prefs) { #elif defined(OS_WIN) FilePath path(UTF8ToWide(extensions[i])); #endif - if (!extensions[i].empty() && !download_util::IsExecutableFile(path)) + if (!extensions[i].empty() && download_util::IsFileSafe(path)) auto_open_.insert(path.value()); } } @@ -88,7 +89,7 @@ bool DownloadPrefs::EnableAutoOpenBasedOnExtension(const FilePath& file_name) { return false; DCHECK(extension[0] == FilePath::kExtensionSeparator); extension.erase(0, 1); - if (download_util::IsExecutableExtension(extension)) + if (!download_util::IsFileExtensionSafe(extension)) return false; auto_open_.insert(extension); diff --git a/chrome/browser/download/download_util.cc b/chrome/browser/download/download_util.cc index 3dd6012..dbed4db 100644 --- a/chrome/browser/download/download_util.cc +++ b/chrome/browser/download/download_util.cc @@ -27,6 +27,7 @@ #include "base/values.h" #include "base/win/windows_version.h" #include "chrome/browser/browser_thread.h" +#include "chrome/browser/download/download_extensions.h" #include "chrome/browser/download/download_item.h" #include "chrome/browser/download/download_item_model.h" #include "chrome/browser/download/download_manager.h" 
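Review bot: In the DownloadPrefs constructor hunk, `IsFileSafe(path)` is applied to a FilePath built from a stored auto-open entry, and those entries appear to be bare extensions: EnableAutoOpenBasedOnExtension (the hunk at -88) erases the leading separator before `auto_open_.insert(extension)`. IsFileSafe goes through `path.Extension()`, which for a name with no separator is presumably empty, so GetFileExtensionDangerLevel would return NotDangerous and a listed extension read back from preferences would be re-added to `auto_open_`. The removed `IsExecutableFile(path)` call had the same shape, so this is carried over rather than introduced by the commit. Checking the string as an extension closes the gap: `if (!extensions[i].empty() && download_util::IsFileExtensionSafe(path.value()))`. The constructor starts above the hunk, so how `extensions` is split is not visible here.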
@@ -719,18 +720,22 @@ FilePath GetCrDownloadPath(const FilePath& suggested_path) { // TODO(erikkay,phajdan.jr): This is apparently not being exercised in tests. bool IsDangerous(DownloadCreateInfo* info, Profile* profile) { - // Downloads can be marked as dangerous for two reasons: - // a) They have a dangerous-looking filename - // b) They are an extension that is not from the gallery - if (IsExecutableFile(info->suggested_path.BaseName())) { + DownloadDangerLevel danger_level = GetFileDangerLevel( + info->suggested_path.BaseName()); + + if (danger_level == Dangerous) { + return true; + } else if (danger_level == AllowOnUserGesture && !info->has_user_gesture) { return true; } else if (info->is_extension_install) { ExtensionsService* service = profile->GetExtensionsService(); if (!service || !service->IsDownloadFromGallery(info->url, info->referrer_url)) { + // Extensions that are not from the gallery are considered dangerous. return true; } } + return false; } diff --git a/chrome/browser/download/download_util.h b/chrome/browser/download/download_util.h index 0224a26..0a0bd90 100644 --- a/chrome/browser/download/download_util.h +++ b/chrome/browser/download/download_util.h @@ -150,17 +150,6 @@ void DragDownload(const DownloadItem* download, SkBitmap* icon, gfx::NativeView view); -// Executable file support ----------------------------------------------------- - -// Tests if a file is considered executable, based on its type. -bool IsExecutableFile(const FilePath& path); - -// Determine if the specified extension is an executable extension. -bool IsExecutableExtension(const FilePath::StringType& extension); - -// Tests if we think the server means for this mime_type to be executable. -bool IsExecutableMimeType(const std::string& mime_type); - // Helpers --------------------------------------------------------------------- // Creates a representation of a download in a format that the downloads |
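Review bot: The new `danger_level == AllowOnUserGesture && !info->has_user_gesture` branch in IsDangerous makes `has_user_gesture` the only thing that decides whether an .exe, .bat or .msi download proceeds without a prompt, and the TODO directly above the function says it is not exercised in tests. Nothing in this diff shows where the flag is set; if it is derived from renderer-supplied data it should default to false and be treated as untrusted. I would add a unit test that walks each DownloadDangerLevel with the flag set and cleared, and a comment on the branch such as `// has_user_gesture must default to false when the origin of the request is unknown.`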