content/browser/safe_util_win.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_COMMON_SAFE_UTIL_WIN_H_
   6 #define CONTENT_COMMON_SAFE_UTIL_WIN_H_
   7
   8 #include <string>
   9 #include <windows.h>
  10
  11 class FilePath;
  12 class GURL;
  13
  14 namespace content {
  15
  16 // Open or run a downloaded file via the Windows shell, possibly showing first
  17 // a consent dialog if the the file is deemed dangerous. This function is an
  18 // enhancement over the OpenItemViaShell() function of win_util.h.
  19 //
  20 // The user consent dialog will be shown or not according to the windows
  21 // execution policy defined in the registry which can be overridden per user.
  22 // The mechanics of the policy are explained in the Microsoft Knowledge base
  23 // number 883260: http://support.microsoft.com/kb/883260
  24 //
  25 // The 'hwnd' is the handle to the parent window. In case a dialog is displayed
  26 // the parent window will be disabled since the dialog is meant to be modal.
  27 // The 'window_title' is the text displayed on the title bar of the dialog. If
  28 // you pass an empty string the dialog will have a generic 'windows security'
  29 // name on the title bar.
  30 //
  31 // You must provide a valid 'full_path' to the file to be opened and a well
  32 // formed url in 'source_url'. The url should identify the source of the file
  33 // but does not have to be network-reachable. If the url is malformed a
  34 // dialog will be shown telling the user that the file will be blocked.
  35 //
  36 // In the event that there is no default application registered for the file
  37 // specified by 'full_path' it ask the user, via the Windows "Open With"
  38 // dialog.
  39 // Returns 'true' on successful open, 'false' otherwise.
  40 bool SaferOpenItemViaShell(HWND hwnd, const std::wstring& window_title,
  41                            const FilePath& full_path,
  42                            const std::wstring& source_url);
  43
  44 // Invokes IAttachmentExecute::Save to validate the downloaded file. The call
  45 // may scan the file for viruses and if necessary, annotate it with evidence. As
  46 // a result of the validation, the file may be deleted.  See:
  47 // http://msdn.microsoft.com/en-us/bb776299
  48 //
  49 // If Attachment Execution Services is unavailable, then this function will
  50 // attempt to manually annotate the file with security zone information. A
  51 // failure code will be returned in this case even if the file is sucessfully
  52 // annotated.
  53 //
  54 // IAE::Save() will delete the file if it was found to be blocked by local
  55 // security policy or if it was found to be infected. The call may also delete
  56 // the file due to other failures (http://crbug.com/153212). A failure code will
  57 // be returned in these cases.
  58 //
  59 // Typical return values:
  60 //   S_OK   : The file was okay. If any viruses were found, they were cleaned.
  61 //   E_FAIL : Virus infected.
  62 //   INET_E_SECURITY_PROBLEM : The file was blocked due to security policy.
  63 //
  64 // Any other return value indicates an unexpected error during the scan.
  65 //
  66 // |full_path| : is the path to the downloaded file. This should be the final
  67 //               path of the download.
  68 // |source_url|: the source URL for the download.
  69 HRESULT ScanAndSaveDownloadedFile(const FilePath& full_path,
  70                                   const GURL& source_url);
  71 }  // namespace content
  72
  73 #endif  // CONTENT_COMMON_SAFE_UTIL_WIN_H_