summaryrefslogtreecommitdiffstats
path: root/webkit/fileapi/file_system_util.cc
diff options
context:
space:
mode:
Diffstat (limited to 'webkit/fileapi/file_system_util.cc')
-rw-r--r--webkit/fileapi/file_system_util.cc84
1 files changed, 36 insertions, 48 deletions
diff --git a/webkit/fileapi/file_system_util.cc b/webkit/fileapi/file_system_util.cc
index c5a3047..382c7b6 100644
--- a/webkit/fileapi/file_system_util.cc
+++ b/webkit/fileapi/file_system_util.cc
@@ -19,9 +19,9 @@
namespace fileapi {
-const char kPersistentDir[] = "/persistent/";
-const char kTemporaryDir[] = "/temporary/";
-const char kExternalDir[] = "/external/";
+const char kPersistentDir[] = "/persistent";
+const char kTemporaryDir[] = "/temporary";
+const char kExternalDir[] = "/external";
const char kPersistentName[] = "Persistent";
const char kTemporaryName[] = "Temporary";
@@ -32,62 +32,45 @@ bool CrackFileSystemURL(const GURL& url, GURL* origin_url, FileSystemType* type,
GURL origin;
FileSystemType file_system_type;
- if (url.scheme() != "filesystem")
+ if (!url.is_valid() || !url.SchemeIsFileSystem())
return false;
+ DCHECK(url.inner_url());
- std::string temp = url.path();
- // TODO(ericu): This should probably be done elsewhere after the stackable
- // layers are properly in. We're supposed to reject any paths that contain
- // '..' segments, but the GURL constructor is helpfully resolving them for us.
- // Make sure there aren't any before we call it.
- size_t pos = temp.find("..");
- for (; pos != std::string::npos; pos = temp.find("..", pos + 1)) {
- if ((pos == 0 || temp[pos - 1] == '/') &&
- (pos == temp.length() - 2 || temp[pos + 2] == '/'))
- return false;
- }
-
- // bare_url will look something like:
- // http://example.com/temporary/dir/file.txt.
- GURL bare_url(temp);
-
- // The input URL was malformed, bail out early.
- if (bare_url.path().empty())
- return false;
-
- origin = bare_url.GetOrigin();
-
- // The input URL was malformed, bail out early.
- if (origin.is_empty())
- return false;
-
- std::string path = net::UnescapeURLComponent(bare_url.path(),
- net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS |
- net::UnescapeRule::CONTROL_CHARS);
- if (path.compare(0, strlen(kPersistentDir), kPersistentDir) == 0) {
+ std::string inner_path = url.inner_url()->path();
+ if (inner_path.compare(
+ 0, arraysize(kPersistentDir) - 1, kPersistentDir) == 0) {
file_system_type = kFileSystemTypePersistent;
- path = path.substr(strlen(kPersistentDir));
- } else if (path.compare(0, strlen(kTemporaryDir), kTemporaryDir) == 0) {
+ } else if (inner_path.compare(
+ 0, arraysize(kTemporaryDir) - 1, kTemporaryDir) == 0) {
file_system_type = kFileSystemTypeTemporary;
- path = path.substr(strlen(kTemporaryDir));
- } else if (path.compare(0, strlen(kExternalDir), kExternalDir) == 0) {
+ } else if (inner_path.compare(
+ 0, arraysize(kExternalDir) - 1, kExternalDir) == 0) {
file_system_type = kFileSystemTypeExternal;
- path = path.substr(strlen(kExternalDir));
} else {
return false;
}
+ std::string path = net::UnescapeURLComponent(url.path(),
+ net::UnescapeRule::SPACES | net::UnescapeRule::URL_SPECIAL_CHARS |
+ net::UnescapeRule::CONTROL_CHARS);
+
// Ensure the path is relative.
while (!path.empty() && path[0] == '/')
path.erase(0, 1);
+ FilePath converted_path = FilePath::FromUTF8Unsafe(path);
+
+ // All parent references should have been resolved in the renderer.
+ if (converted_path.ReferencesParent())
+ return false;
+
if (origin_url)
- *origin_url = origin;
+ *origin_url = url.GetOrigin();
if (type)
*type = file_system_type;
if (file_path)
- *file_path = FilePath::FromUTF8Unsafe(path).
- NormalizePathSeparators().StripTrailingSeparators();
+ *file_path = converted_path.NormalizePathSeparators().
+ StripTrailingSeparators();
return true;
}
@@ -138,23 +121,28 @@ void VirtualPath::GetComponents(
}
GURL GetFileSystemRootURI(const GURL& origin_url, FileSystemType type) {
- std::string path("filesystem:");
- path += origin_url.spec();
+ // origin_url is based on a security origin, so http://foo.com or file:///
+ // instead of the corresponding filesystem URL.
+ DCHECK(!origin_url.SchemeIsFileSystem());
+
+ std::string url = "filesystem:" + origin_url.GetWithEmptyPath().spec();
switch (type) {
case kFileSystemTypeTemporary:
- path += (kTemporaryDir + 1); // We don't want the leading slash.
+ url += (kTemporaryDir + 1); // We don't want the leading slash.
break;
case kFileSystemTypePersistent:
- path += (kPersistentDir + 1); // We don't want the leading slash.
+ url += (kPersistentDir + 1); // We don't want the leading slash.
break;
case kFileSystemTypeExternal:
- path += (kExternalDir + 1); // We don't want the leading slash.
+ url += (kExternalDir + 1); // We don't want the leading slash.
break;
default:
NOTREACHED();
return GURL();
}
- return GURL(path);
+ url += "/";
+
+ return GURL(url);
}
std::string GetFileSystemName(const GURL& origin_url, FileSystemType type) {
generated by cgit v1.1 at 2025-01-25 14:41:12 +0000