2011-05-23 Adam Klein <adamk@chromium.org>
authoradamk@chromium.org <adamk@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 23 May 2011 20:47:06 +0000 (20:47 +0000)
committeradamk@chromium.org <adamk@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 23 May 2011 20:47:06 +0000 (20:47 +0000)
        Reviewed by Jian Li.

        [fileapi] Add a File::createWithName method to avoid obfuscated filename leakage from FileEntry.file() method
        https://bugs.webkit.org/show_bug.cgi?id=61155

        Covered by existing tests: fast/filesystem/file-from-file-entry.html
                                   fast/filesystem/workers/file-from-file-entry.html
                                   fast/filesystem/workers/file-from-file-entry-sync.html

        * fileapi/DOMFileSystem.cpp:
        (WebCore::DOMFileSystem::createFile): Updated to call createWithName().
        * fileapi/DOMFileSystemSync.cpp:
        (WebCore::DOMFileSystemSync::createFile): Updated to call createWithName().
        * fileapi/File.cpp:
        (WebCore::createBlobDataForFile): Added an optional name argument to fix MIME type lookup.
        (WebCore::File::createWithRelativePath): Renamed from create() for consistency with new method.
        (WebCore::File::File):
        * fileapi/File.h:
        (WebCore::File::createWithName):
        * html/FileInputType.cpp:
        (WebCore::FileInputType::setFileList): Updated the single caller of File::createWithRelativePath().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@87095 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/fileapi/DOMFileSystem.cpp
Source/WebCore/fileapi/DOMFileSystemSync.cpp
Source/WebCore/fileapi/File.cpp
Source/WebCore/fileapi/File.h
Source/WebCore/html/FileInputType.cpp

index fce252e..226cb86 100644 (file)
@@ -1,3 +1,27 @@
+2011-05-23  Adam Klein  <adamk@chromium.org>
+
+        Reviewed by Jian Li.
+
+        [fileapi] Add a File::createWithName method to avoid obfuscated filename leakage from FileEntry.file() method
+        https://bugs.webkit.org/show_bug.cgi?id=61155
+
+        Covered by existing tests: fast/filesystem/file-from-file-entry.html
+                                   fast/filesystem/workers/file-from-file-entry.html
+                                   fast/filesystem/workers/file-from-file-entry-sync.html
+
+        * fileapi/DOMFileSystem.cpp:
+        (WebCore::DOMFileSystem::createFile): Updated to call createWithName().
+        * fileapi/DOMFileSystemSync.cpp:
+        (WebCore::DOMFileSystemSync::createFile): Updated to call createWithName().
+        * fileapi/File.cpp:
+        (WebCore::createBlobDataForFile): Added an optional name argument to fix MIME type lookup.
+        (WebCore::File::createWithRelativePath): Renamed from create() for consistency with new method.
+        (WebCore::File::File):
+        * fileapi/File.h:
+        (WebCore::File::createWithName):
+        * html/FileInputType.cpp:
+        (WebCore::FileInputType::setFileList): Updated the single caller of File::createWithRelativePath().
+
 2011-05-23  Adrienne Walker  <enne@google.com>
 
         Reviewed by James Robinson.
index ceb2ca3..7342acd 100644 (file)
@@ -117,9 +117,9 @@ namespace {
 
 class GetPathCallback : public FileSystemCallbacksBase {
 public:
-    static PassOwnPtr<GetPathCallback> create(PassRefPtr<DOMFileSystem> filesystem, const String& path, PassRefPtr<FileCallback> successCallback, PassRefPtr<ErrorCallback> errorCallback)
+    static PassOwnPtr<GetPathCallback> create(PassRefPtr<DOMFileSystem> filesystem, const String& path, const String& name, PassRefPtr<FileCallback> successCallback, PassRefPtr<ErrorCallback> errorCallback)
     {
-        return adoptPtr(new GetPathCallback(filesystem, path, successCallback, errorCallback));
+        return adoptPtr(new GetPathCallback(filesystem, path, name, successCallback, errorCallback));
     }
 
     virtual void didReadMetadata(const FileMetadata& metadata)
@@ -127,20 +127,22 @@ public:
         if (!metadata.platformPath.isEmpty())
             m_path = metadata.platformPath;
 
-        m_filesystem->scheduleCallback(m_successCallback.release(), File::create(m_path));
+        m_filesystem->scheduleCallback(m_successCallback.release(), File::createWithName(m_path, m_name));
     }
 
 private:
-    GetPathCallback(PassRefPtr<DOMFileSystem> filesystem, const String& path, PassRefPtr<FileCallback> successCallback, PassRefPtr<ErrorCallback> errorCallback)
+    GetPathCallback(PassRefPtr<DOMFileSystem> filesystem, const String& path, const String& name, PassRefPtr<FileCallback> successCallback, PassRefPtr<ErrorCallback> errorCallback)
         : FileSystemCallbacksBase(errorCallback)
         , m_filesystem(filesystem)
         , m_path(path)
+        , m_name(name)
         , m_successCallback(successCallback)
     {
     }
 
     RefPtr<DOMFileSystem> m_filesystem;
     String m_path;
+    String m_name;
     RefPtr<FileCallback> m_successCallback;
 };
 
@@ -150,7 +152,7 @@ void DOMFileSystem::createFile(const FileEntry* fileEntry, PassRefPtr<FileCallba
 {
     String platformPath = m_asyncFileSystem->virtualToPlatformPath(fileEntry->fullPath());
 
-    m_asyncFileSystem->readMetadata(platformPath, GetPathCallback::create(this, platformPath, successCallback, errorCallback));
+    m_asyncFileSystem->readMetadata(platformPath, GetPathCallback::create(this, platformPath, fileEntry->name(), successCallback, errorCallback));
 }
 
 } // namespace WebCore
index 0d26bb6..ee6a3ac 100644 (file)
@@ -169,7 +169,7 @@ PassRefPtr<File> DOMFileSystemSync::createFile(const FileEntrySync* fileEntry, E
     }
     if (!result->m_path.isEmpty())
         platformPath = result->m_path;
-    return File::create(platformPath);
+    return File::createWithName(platformPath, fileEntry->name());
 }
 
 namespace {
index dd81f5a..0448b0a 100644 (file)
 
 namespace WebCore {
 
-static PassOwnPtr<BlobData> createBlobDataForFile(const String& path)
+static PassOwnPtr<BlobData> createBlobDataForFile(const String& path, const String& name = String())
 {
     String type;
-    int index = path.reverseFind('.');
+    const String& nameForMIMEType = !name.isEmpty() ? name : path;
+    int index = nameForMIMEType.reverseFind('.');
     if (index != -1)
-        type = MIMETypeRegistry::getMIMETypeForExtension(path.substring(index + 1));
+        type = MIMETypeRegistry::getMIMETypeForExtension(nameForMIMEType.substring(index + 1));
 
     OwnPtr<BlobData> blobData = BlobData::create();
     blobData->setContentType(type);
@@ -46,6 +47,15 @@ static PassOwnPtr<BlobData> createBlobDataForFile(const String& path)
     return blobData.release();
 }
 
+#if ENABLE(DIRECTORY_UPLOAD)
+PassRefPtr<File> File::createWithRelativePath(const String& path, const String& relativePath)
+{
+    RefPtr<File> file = adoptRef(new File(path));
+    file->m_relativePath = relativePath;
+    return file.release();
+}
+#endif
+
 File::File(const String& path)
     : Blob(createBlobDataForFile(path), -1)
     , m_path(path)
@@ -60,13 +70,12 @@ File::File(const String& path, const KURL& url, const String& type)
     m_name = pathGetFileName(path);
 }
 
-#if ENABLE(DIRECTORY_UPLOAD)
-File::File(const String& relativePath, const String& path)
-    : Blob(createBlobDataForFile(path), -1)
+#if ENABLE(FILE_SYSTEM)
+File::File(const String& path, const String& name)
+    : Blob(createBlobDataForFile(path, name), -1)
     , m_path(path)
-    , m_relativePath(relativePath)
+    , m_name(name)
 {
-    m_name = pathGetFileName(path);
 }
 #endif
 
index d22b035..13a91fe 100644 (file)
@@ -49,9 +49,14 @@ public:
     }
 
 #if ENABLE(DIRECTORY_UPLOAD)
-    static PassRefPtr<File> create(const String& relativePath, const String& path)
+    static PassRefPtr<File> createWithRelativePath(const String& path, const String& relativePath);
+#endif
+
+#if ENABLE(FILE_SYSTEM)
+    // Create a file with a name exposed to the author (via File.name and associated DOM properties) that differs from the one provided in the path.
+    static PassRefPtr<File> createWithName(const String& path, const String& name)
     {
-        return adoptRef(new File(relativePath, path));
+        return adoptRef(new File(path, name));
     }
 #endif
 
@@ -75,12 +80,12 @@ public:
 
 private:
     File(const String& path);
-    
+
     // For deserialization.
     File(const String& path, const KURL& srcURL, const String& type);
 
-#if ENABLE(DIRECTORY_UPLOAD)
-    File(const String& relativePath, const String& path);
+#if ENABLE(FILE_SYSTEM)
+    File(const String& path, const String& name);
 #endif
 
     String m_path;
index a4d1dd3..e7dcd5c 100644 (file)
@@ -178,7 +178,7 @@ void FileInputType::setFileList(const Vector<String>& paths)
         for (size_t i = 0; i < size; i++) {
             // Normalize backslashes to slashes before exposing the relative path to script.
             String relativePath = paths[i].substring(1 + rootPath.length()).replace('\\', '/');
-            m_fileList->append(File::create(relativePath, paths[i]));
+            m_fileList->append(File::createWithRelativePath(paths[i], relativePath));
         }
         return;
     }