RISCI_ATOM
/
ungoogled-chromium
mirror of https://github.com/Eloston/ungoogled-chromium.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227
							# Disables file download quarantining

--- a/content/browser/renderer_host/pepper/pepper_file_io_host.cc
+++ b/content/browser/renderer_host/pepper/pepper_file_io_host.cc
@@ -432,7 +432,7 @@ void PepperFileIOHost::OnLocalFileOpened
     ppapi::host::ReplyMessageContext reply_context,
     const base::FilePath& path,
     base::File::Error error_code) {
-#if defined(OS_WIN) || defined(OS_LINUX)
+#if 0
   // Quarantining a file before its contents are available is only supported on
   // Windows and Linux.
   if (!FileOpenForWrite(open_flags_) || error_code != base::File::FILE_OK) {
@@ -452,7 +452,7 @@ void PepperFileIOHost::OnLocalFileOpened
 #endif
 }
 
-#if defined(OS_WIN) || defined(OS_LINUX)
+#if 0
 void PepperFileIOHost::OnLocalFileQuarantined(
     ppapi::host::ReplyMessageContext reply_context,
     const base::FilePath& path,
--- a/content/browser/renderer_host/pepper/pepper_file_io_host.h
+++ b/content/browser/renderer_host/pepper/pepper_file_io_host.h
@@ -15,7 +15,6 @@
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
-#include "components/download/quarantine/quarantine.h"
 #include "content/browser/renderer_host/pepper/browser_ppapi_host_impl.h"
 #include "ipc/ipc_listener.h"
 #include "ipc/ipc_platform_file.h"
@@ -92,10 +91,6 @@ class PepperFileIOHost : public ppapi::h
                          const base::FilePath& path,
                          base::File::Error error_code);
 
-  void OnLocalFileQuarantined(ppapi::host::ReplyMessageContext reply_context,
-                              const base::FilePath& path,
-                              download::QuarantineFileResult quarantine_result);
-
   void SendFileOpenReply(ppapi::host::ReplyMessageContext reply_context,
                          base::File::Error error_code);
 
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -52,7 +52,6 @@ jumbo_source_set("browser") {
     "//components/discardable_memory/service",
     "//components/download/database",
     "//components/download/public/common:public",
-    "//components/download/quarantine",
     "//components/filename_generation",
     "//components/link_header_util",
     "//components/metrics",
--- a/components/download/internal/common/base_file.cc
+++ b/components/download/internal/common/base_file.cc
@@ -23,7 +23,6 @@
 #include "components/download/public/common/download_interrupt_reasons_utils.h"
 #include "components/download/public/common/download_item.h"
 #include "components/download/public/common/download_stats.h"
-#include "components/download/quarantine/quarantine.h"
 #include "crypto/secure_hash.h"
 #include "services/service_manager/public/cpp/connector.h"
 
@@ -523,129 +522,12 @@ DownloadInterruptReason BaseFile::Publis
 }
 #endif  // defined(OS_ANDROID)
 
-namespace {
-
-DownloadInterruptReason QuarantineFileResultToReason(
-    quarantine::mojom::QuarantineFileResult result) {
-  switch (result) {
-    case quarantine::mojom::QuarantineFileResult::OK:
-      return DOWNLOAD_INTERRUPT_REASON_NONE;
-    case quarantine::mojom::QuarantineFileResult::VIRUS_INFECTED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_VIRUS_INFECTED;
-    case quarantine::mojom::QuarantineFileResult::SECURITY_CHECK_FAILED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_SECURITY_CHECK_FAILED;
-    case quarantine::mojom::QuarantineFileResult::BLOCKED_BY_POLICY:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_BLOCKED;
-    case quarantine::mojom::QuarantineFileResult::ACCESS_DENIED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_ACCESS_DENIED;
-
-    case quarantine::mojom::QuarantineFileResult::FILE_MISSING:
-      // Don't have a good interrupt reason here. This return code means that
-      // the file at |full_path_| went missing before QuarantineFile got to
-      // look at it. Not expected to happen, but we've seen instances where a
-      // file goes missing immediately after BaseFile closes the handle.
-      //
-      // Intentionally using a different error message than
-      // SECURITY_CHECK_FAILED in order to distinguish the two.
-      return DOWNLOAD_INTERRUPT_REASON_FILE_FAILED;
-
-    case quarantine::mojom::QuarantineFileResult::ANNOTATION_FAILED:
-      // This means that the mark-of-the-web couldn't be applied. The file is
-      // already on the file system under its final target name.
-      //
-      // Causes of failed annotations typically aren't transient. E.g. the
-      // target file system may not support extended attributes or alternate
-      // streams. We are going to allow these downloads to progress on the
-      // assumption that failures to apply MOTW can't reliably be introduced
-      // remotely.
-      return DOWNLOAD_INTERRUPT_REASON_NONE;
-  }
-  return DOWNLOAD_INTERRUPT_REASON_FILE_FAILED;
-}
-
-// Given a source and a referrer, determines the "safest" URL that can be used
-// to determine the authority of the download source. Returns an empty URL if no
-// HTTP/S URL can be determined for the <|source_url|, |referrer_url|> pair.
-GURL GetEffectiveAuthorityURL(const GURL& source_url,
-                              const GURL& referrer_url) {
-  if (source_url.is_valid()) {
-    // http{,s} has an authority and are supported.
-    if (source_url.SchemeIsHTTPOrHTTPS())
-      return source_url;
-
-    // If the download source is file:// ideally we should copy the MOTW from
-    // the original file, but given that Chrome/Chromium places strict
-    // restrictions on which schemes can reference file:// URLs, this code is
-    // going to assume that at this point it's okay to treat this download as
-    // being from the local system.
-    if (source_url.SchemeIsFile())
-      return source_url;
-
-    // ftp:// has an authority.
-    if (source_url.SchemeIs(url::kFtpScheme))
-      return source_url;
-  }
-
-  if (referrer_url.is_valid() && referrer_url.SchemeIsHTTPOrHTTPS())
-    return referrer_url;
-
-  return GURL();
-}
-
-}  // namespace
-
-#if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
-
-DownloadInterruptReason BaseFile::AnnotateWithSourceInformationSync(
-    const std::string& client_guid,
-    const GURL& source_url,
-    const GURL& referrer_url) {
-  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
-  DCHECK(!detached_);
-  DCHECK(!full_path_.empty());
-
-  CONDITIONAL_TRACE(BEGIN0("download", "DownloadFileAnnotate"));
-  QuarantineFileResult result = QuarantineFile(
-      full_path_, GetEffectiveAuthorityURL(source_url, referrer_url),
-      referrer_url, client_guid);
-  CONDITIONAL_TRACE(END0("download", "DownloadFileAnnotate"));
-
-  return QuarantineFileResultToReason(result);
-}
-#else  // !OS_WIN && !OS_MACOSX && !OS_LINUX
 DownloadInterruptReason BaseFile::AnnotateWithSourceInformationSync(
     const std::string& client_guid,
     const GURL& source_url,
     const GURL& referrer_url) {
   return DOWNLOAD_INTERRUPT_REASON_NONE;
 }
-#endif
-
-void BaseFile::OnFileQuarantined(
-    bool connection_error,
-    quarantine::mojom::QuarantineFileResult result) {
-  base::UmaHistogramBoolean("Download.QuarantineService.ConnectionError",
-                            connection_error);
-
-  DCHECK(on_annotation_done_callback_);
-  quarantine_service_.reset();
-  std::move(on_annotation_done_callback_)
-      .Run(QuarantineFileResultToReason(result));
-}
-
-void BaseFile::OnQuarantineServiceError(const GURL& source_url,
-                                        const GURL& referrer_url) {
-#if defined(OS_WIN)
-  if (base::FeatureList::IsEnabled(quarantine::kOutOfProcessQuarantine)) {
-    OnFileQuarantined(/*connection_error=*/true,
-                      quarantine::SetInternetZoneIdentifierDirectly(
-                          full_path_, source_url, referrer_url));
-    return;
-  }
-#endif  // defined(OS_WIN)
-
-  CHECK(false) << "In-process quarantine service should not have failed.";
-}
 
 void BaseFile::AnnotateWithSourceInformation(
     const std::string& client_guid,
@@ -653,31 +535,8 @@ void BaseFile::AnnotateWithSourceInforma
     const GURL& referrer_url,
     std::unique_ptr<service_manager::Connector> connector,
     OnAnnotationDoneCallback on_annotation_done_callback) {
-  GURL authority_url = GetEffectiveAuthorityURL(source_url, referrer_url);
-  if (!connector) {
-#if defined(OS_WIN)
-    QuarantineFileResult result = quarantine::SetInternetZoneIdentifierDirectly(
-        full_path_, authority_url, referrer_url);
-#else
-    QuarantineFileResult result = QuarantineFileResult::ANNOTATION_FAILED;
-#endif
-    std::move(on_annotation_done_callback)
-        .Run(QuarantineFileResultToReason(result));
-  } else {
-    connector->BindInterface(quarantine::mojom::kServiceName,
-                             mojo::MakeRequest(&quarantine_service_));
-
-    on_annotation_done_callback_ = std::move(on_annotation_done_callback);
-
-    quarantine_service_.set_connection_error_handler(base::BindOnce(
-        &BaseFile::OnQuarantineServiceError, weak_factory_.GetWeakPtr(),
-        authority_url, referrer_url));
-
-    quarantine_service_->QuarantineFile(
-        full_path_, authority_url, referrer_url, client_guid,
-        base::BindOnce(&BaseFile::OnFileQuarantined, weak_factory_.GetWeakPtr(),
-                       false));
-  }
+  std::move(on_annotation_done_callback)
+      .Run(DOWNLOAD_INTERRUPT_REASON_NONE);
 }
 
 }  // namespace download