chromium/src
0
Fork 0
Code Activity
Files
2875c3fdb085235a6ba55e9ca80ed33cc18fa91d
src/content/browser/file_system_access/features.h
Daseul Lee c678024944 [FSA] Handle symbolic links when checking blocklists. 
(1) When checking blocklists, use a resolved path returned from
`base::MakeAbsoluteFilePath()`, which is expected to resolve any
symbolic link.

(2) Additionally, check for blocklist when getting a file handle or
entries (that are files) from a directory handle. With (1), this check
will make sure any new symlink created after the initial check on the
parent directory is caught and re-run with blocklist check on fully
resolved path.

Previously, crrev.com/c/4005144 attempted to handle case (2) partially
on POSIX, using `base::IsLink()` and `base::ReadSymbolicLink()`, causing
some potential bugs. This CL re-attempts to fix the issue using
`base::MakeAbsoluteFilePath()`, which is available on both POSIX and
Windows.

Both features are disabled and will be enabled after testing.

Bug: 1378484
Change-Id: If319359492c08dd829b42262918ad208bbc351c8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5068377
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Commit-Queue: Daseul Lee <dslee@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1234657}
2023-12-07 19:52:52 +00:00

26 lines
898 B
C++
Raw Blame History

// Copyright 2022 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_
#define CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_
#include "base/feature_list.h"
#include "build/build_config.h"
#include "content/common/content_export.h"
namespace content::features {
// All features in alphabetical order, grouped by buildflag. The features should
// be documented alongside the definition of their values in the .cc file.
// Alphabetical:
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFileSystemAccessBFCache);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFileSystemAccessDragAndDropCheckBlocklist);
CONTENT_EXPORT BASE_DECLARE_FEATURE(
kFileSystemAccessDirectoryIterationBlocklistCheck);
} // namespace content::features
#endif // CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_
View Git Blame Copy Permalink