use webstore extent to verify gallery downloads

also relax test when command-line is used to allow empty referrers BUG=56795,54408 TEST=install an app from a /webstore URL Review URL: http://codereview.chromium.org/3616009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61960 0039d316-1c4b-4281-b951-d872f2087c98
author: erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-08 15:24:07 +0000
committer: erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-08 15:24:07 +0000
commit: d30719975739967af9e434ddb745a0bd64ec0daa (patch)
tree: 15b6799bbc90921f686e93a1e9201a468942ad1f /chrome/browser/download
parent: da8479bf90edb9b4de4f82b707b9282629d0a4ec (diff)
download: chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.zip
chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.tar.gz
chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.tar.bz2
3 files changed, 22 insertions, 11 deletions
diff --git a/chrome/browser/download/download_manager.cc b/chrome/browser/download/download_manager.cc
index bb9aeea..af3049e 100644
--- a/chrome/browser/download/download_manager.cc
+++ b/chrome/browser/download/download_manager.cc
@@ -295,16 +295,7 @@ void DownloadManager::StartDownload(DownloadCreateInfo* info) {
 
   if (!info->prompt_user_for_save_location &&
       info->save_info.file_path.empty()) {
-    // Downloads can be marked as dangerous for two reasons:
-    // a) They have a dangerous-looking filename
-    // b) They are an extension that is not from the gallery
-    if (download_util::IsExecutableFile(info->suggested_path.BaseName()))
-      info->is_dangerous = true;
-    else if (info->is_extension_install &&
-             !ExtensionsService::IsDownloadFromGallery(info->url,
-                                                       info->referrer_url)) {
-      info->is_dangerous = true;
-    }
+    info->is_dangerous = download_util::IsDangerous(info, profile());
   }
 
   // We need to move over to the download thread because we don't want to stat
diff --git a/chrome/browser/download/download_util.cc b/chrome/browser/download/download_util.cc
index 0a54b01..9b121b5 100644
--- a/chrome/browser/download/download_util.cc
+++ b/chrome/browser/download/download_util.cc
@@ -252,7 +252,7 @@ void OpenChromeExtension(Profile* profile,
       installer->InstallUserScript(download_item.full_path(),
                                    download_item.url());
     } else {
-      bool is_gallery_download = ExtensionsService::IsDownloadFromGallery(
+      bool is_gallery_download = service->IsDownloadFromGallery(
           download_item.url(), download_item.referrer_url());
       installer->set_original_mime_type(download_item.original_mime_type());
       installer->set_apps_require_extension_mime_type(true);
@@ -731,4 +731,21 @@ FilePath GetCrDownloadPath(const FilePath& suggested_path) {
   return FilePath(file_name);
 }
 
+// TODO(erikkay,phajdan.jr): This is apparently not being exercised in tests.
+bool IsDangerous(DownloadCreateInfo* info, Profile* profile) {
+  // Downloads can be marked as dangerous for two reasons:
+  // a) They have a dangerous-looking filename
+  // b) They are an extension that is not from the gallery
+  if (IsExecutableFile(info->suggested_path.BaseName())) {
+    return true;
+  } else if (info->is_extension_install) {
+    ExtensionsService* service = profile->GetExtensionsService();
+    if (!service ||
+        !service->IsDownloadFromGallery(info->url, info->referrer_url)) {
+      return true;
+    }
+  }
+  return false;
+}
+
 }  // namespace download_util
diff --git a/chrome/browser/download/download_util.h b/chrome/browser/download/download_util.h
index 37e8a82..a32f171 100644
--- a/chrome/browser/download/download_util.h
+++ b/chrome/browser/download/download_util.h
@@ -213,6 +213,9 @@ int GetUniquePathNumberWithCrDownload(const FilePath& path);
 // Returns a .crdownload intermediate path for the |suggested_path|.
 FilePath GetCrDownloadPath(const FilePath& suggested_path);
 
+// Whether a given download should be considered potentially dangerous.
+bool IsDangerous(DownloadCreateInfo *info, Profile* profile);
+
 }  // namespace download_util
 
 #endif  // CHROME_BROWSER_DOWNLOAD_DOWNLOAD_UTIL_H_
author	erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-08 15:24:07 +0000
committer	erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-08 15:24:07 +0000
commit	d30719975739967af9e434ddb745a0bd64ec0daa (patch)
tree	15b6799bbc90921f686e93a1e9201a468942ad1f /chrome/browser/download
parent	da8479bf90edb9b4de4f82b707b9282629d0a4ec (diff)
download	chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.zip chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.tar.gz chromium_src-d30719975739967af9e434ddb745a0bd64ec0daa.tar.bz2