[Downloads] Move client guid for AV scanning of downloaded files to chrome/

This client app should not be used by all clients of content/. Moving to chrome so it can be managed there and re-used if needed.

Review URL: https://chromiumcodereview.appspot.com/21355004

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@216843 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 13 insertions, 75 deletions

diff --git a/content/browser/safe_util_win.cc b/content/browser/safe_util_win.cc
index 2dce2ca..ac077f1 100644
--- a/content/browser/safe_util_win.cc
+++ b/content/browser/safe_util_win.cc
@@ -19,12 +19,6 @@
 namespace content {
 namespace {
 
-// This GUID is associated with any 'don't ask me again' settings that the
-// user can select for different file types.
-// {2676A9A2-D919-4fee-9187-152100393AB2}
-static const GUID kClientID = { 0x2676a9a2, 0xd919, 0x4fee,
-  { 0x91, 0x87, 0x15, 0x21, 0x0, 0x39, 0x3a, 0xb2 } };
-
 // Sets the Zone Identifier on the file to "Internet" (3). Returns true if the
 // function succeeds, false otherwise. A failure is expected on system where
 // the Zone Identifier is not supported, like a machine with a FAT32 filesystem.
@@ -55,72 +49,11 @@ bool SetInternetZoneIdentifierDirectly(const base::FilePath& full_path) {
   return true;
 }
 
-}
-
-// This function implementation is based on the attachment execution
-// services functionally deployed with IE6 or Service pack 2. This
-// functionality is exposed in the IAttachmentExecute COM interface.
-// more information at:
-// http://msdn2.microsoft.com/en-us/library/ms647048.aspx
-bool SaferOpenItemViaShell(HWND hwnd, const std::wstring& window_title,
-                           const base::FilePath& full_path,
-                           const std::wstring& source_url) {
-  base::win::ScopedComPtr<IAttachmentExecute> attachment_services;
-  HRESULT hr = attachment_services.CreateInstance(CLSID_AttachmentServices);
-  if (FAILED(hr)) {
-    // We don't have Attachment Execution Services, it must be a pre-XP.SP2
-    // Windows installation, or the thread does not have COM initialized.
-    if (hr == CO_E_NOTINITIALIZED) {
-      NOTREACHED();
-      return false;
-    }
-    return ui::win::OpenItemViaShell(full_path);
-  }
-
-  attachment_services->SetClientGuid(kClientID);
-
-  if (!window_title.empty())
-    attachment_services->SetClientTitle(window_title.c_str());
-
-  // To help windows decide if the downloaded file is dangerous we can provide
-  // what the documentation calls evidence. Which we provide now:
-  //
-  // Set the file itself as evidence.
-  hr = attachment_services->SetLocalPath(full_path.value().c_str());
-  if (FAILED(hr))
-    return false;
-  // Set the origin URL as evidence.
-  hr = attachment_services->SetSource(source_url.c_str());
-  if (FAILED(hr))
-    return false;
+}  // namespace
 
-  // Now check the windows policy.
-  if (attachment_services->CheckPolicy() != S_OK) {
-    // It is possible that the above call returns an undocumented result
-    // equal to 0x800c000e which seems to indicate that the URL failed the
-    // the security check. If you proceed with the Prompt() call the
-    // Shell might show a dialog that says:
-    // "windows found that this file is potentially harmful. To help protect
-    // your computer, Windows has blocked access to this file."
-    // Upon dismissal of the dialog windows will delete the file (!!).
-    // So, we can 'return' in that case but maybe is best to let it happen to
-    // fail on the safe side.
-
-    ATTACHMENT_ACTION action;
-    // We cannot control what the prompt says or does directly but it
-    // is a pretty decent dialog; for example, if an executable is signed it can
-    // decode and show the publisher and the certificate.
-    hr = attachment_services->Prompt(hwnd, ATTACHMENT_PROMPT_EXEC, &action);
-    if (FAILED(hr) || (ATTACHMENT_ACTION_CANCEL == action)) {
-      // The user has declined opening the item.
-      return false;
-    }
-  }
-  return ui::win::OpenItemViaShellNoZoneCheck(full_path);
-}
-
-HRESULT ScanAndSaveDownloadedFile(const base::FilePath& full_path,
-                                  const GURL& source_url) {
+HRESULT AVScanFile(const base::FilePath& full_path,
+                   const std::string& source_url,
+                   const GUID& client_guid) {
   base::win::ScopedComPtr<IAttachmentExecute> attachment_services;
   HRESULT hr = attachment_services.CreateInstance(CLSID_AttachmentServices);
 
@@ -135,15 +68,20 @@ HRESULT ScanAndSaveDownloadedFile(const base::FilePath& full_path,
     return hr;
   }
 
-  hr = attachment_services->SetClientGuid(kClientID);
-  if (FAILED(hr))
-    return hr;
+  if (!IsEqualGUID(client_guid, GUID_NULL)) {
+    hr = attachment_services->SetClientGuid(client_guid);
+    if (FAILED(hr))
+      return hr;
+  }
 
   hr = attachment_services->SetLocalPath(full_path.value().c_str());
   if (FAILED(hr))
     return hr;
 
-  hr = attachment_services->SetSource(UTF8ToWide(source_url.spec()).c_str());
+  // Note: SetSource looks like it needs to be called, even if empty.
+  // Docs say it is optional, but it appears not calling it at all sets
+  // a zone that is too restrictive.
+  hr = attachment_services->SetSource(UTF8ToWide(source_url).c_str());
   if (FAILED(hr))
     return hr;