| blob | 54adce8ffd4fd9ac752e10aeb8b06587d3851ca5 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include <set>
6 #include <string>
17 // For file extensions taken from mozilla:
19 /* ***** BEGIN LICENSE BLOCK *****
20 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
21 *
22 * The contents of this file are subject to the Mozilla Public License Version
23 * 1.1 (the "License"); you may not use this file except in compliance with
24 * the License. You may obtain a copy of the License at
25 * http://www.mozilla.org/MPL/
26 *
27 * Software distributed under the License is distributed on an "AS IS" basis,
28 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
29 * for the specific language governing rights and limitations under the
30 * License.
31 *
32 * The Original Code is Mozilla Communicator client code, released
33 * March 31, 1998.
34 *
35 * The Initial Developer of the Original Code is
36 * Netscape Communications Corporation.
37 * Portions created by the Initial Developer are Copyright (C) 1998-1999
38 * the Initial Developer. All Rights Reserved.
39 *
40 * Contributor(s):
41 * Doug Turner <dougt@netscape.com>
42 * Dean Tessman <dean_tessman@hotmail.com>
43 * Brodie Thiesfield <brofield@jellycan.com>
44 * Jungshik Shin <jshin@i18nl10n.com>
45 *
46 * Alternatively, the contents of this file may be used under the terms of
47 * either of the GNU General Public License Version 2 or later (the "GPL"),
48 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
49 * in which case the provisions of the GPL or the LGPL are applicable instead
50 * of those above. If you wish to allow use of your version of this file only
51 * under the terms of either the GPL or the LGPL, and not to allow others to
52 * use your version of this file under the terms of the MPL, indicate your
53 * decision by deleting the provisions above and replace them with the notice
54 * and other provisions required by the GPL or the LGPL. If you do not delete
55 * the provisions above, a recipient may use your version of this file under
56 * the terms of any one of the MPL, the GPL or the LGPL.
57 *
58 * ***** END LICENSE BLOCK ***** */
63 ALLOW_AUTO_OPEN,
65 // The file type should not be allowed to open automatically.
66 //
67 // Criteria for disallowing a file type from opening automatically:
68 //
69 // Includes file types that upon opening may either:
70 // * ... execute arbitrary or harmful code with user privileges.
71 // * ... change configuration of the system to cause harmful behavior
72 // immediately or at some time in the future.
73 //
74 // Doesn't include file types that upon opening:
75 // * ... sufficiently warn the user about the fact that:
76 // - This file was downloaded from the internet.
77 // - Opening it can make specified changes to the system.
78 // (Note that any such warnings need to be displayed prior to the harmful
79 // logic being executed).
80 // * ... does nothing particularly dangerous, despite the act of downloading
81 // itself being dangerous (E.g. .local and .manifest files).
82 DISALLOW_AUTO_OPEN,
83 };
85 // Guidelines for adding a new dangerous file type:
86 //
87 // * Include a comment above the file type that:
88 // - Describes the file type.
89 // - Justifies why it is considered dangerous if this isn't obvious from the
90 // description.
91 // - Justifies why the file type is disallowed from auto opening, if
92 // necessary.
93 // * Add the file extension to the kDangerousFileTypes array in
94 // download_stats.cc.
95 //
96 // TODO(asanka): All file types listed below should have descriptions.
99 DownloadDangerLevel danger_level;
100 DownloadAutoOpenHint auto_open_hint;
102 // Some files are dangerous on all platforms.
104 // Flash files downloaded locally can sometimes access the local filesystem.
108 // Chrome extensions should be obtained through the web store. Allowed to
109 // open automatically because Chrome displays a prompt prior to
110 // installation.
113 // Windows, all file categories. The list is in alphabetical order of
114 // extensions. Exceptions are made for logical groupings of file types.
115 //
116 // Some file descriptions are based on
117 // https://support.office.com/article/Blocked-attachments-in-Outlook-3811cddc-17c3-4279-a30c-060ba0207372
118 #if defined(OS_WIN)
121 // Microsoft Access related.
141 // Executable Application.
144 // Microsoft ClickOnce depolyment manifest. By default, opens with
145 // dfshim.dll which should prompt the user before running untrusted code.
148 // Active Server Pages source file.
151 // Advanced Stream Redirector. Contains a playlist of media files.
154 // Microsoft Visual Basic source file. Opens by default in an editor.
157 // Command script.
162 // Windows Compiled HTML Help files.
166 // Command script.
169 // Windows legacy executable.
172 // Control panel tool. Executable.
175 // Signed certificate file.
178 // Windows executables.
183 // Microsoft FoxPro Compiled Source.
187 // Windows legacy help file format.
190 // HTML Application. Executes as a fully trusted application.
193 // Hypertext Template File. See https://support.microsoft.com/kb/181689.
196 // Device installation information.
199 // Generic configuration file.
202 // Microsoft IIS Internet Communication Settings.
205 // Microsoft IIS Internet Service Provider Settings.
208 // JavaScript file. May open using Windows Script Host with user level
209 // privileges.
212 // JScript encoded script file. Usually produced by running Microsoft Script
213 // Encoder over a .js file.
214 // See https://msdn.microsoft.com/library/d14c8zsc.aspx
217 // Shortcuts. May open anything.
220 // .local files affect DLL search path for .exe file with same base name.
223 // While being a generic name, having a .manifest file with the same
224 // basename as .exe file (foo.exe + foo.exe.manifest) changes the dll search
225 // order for the .exe file. Downloading this kind of file to the users'
226 // download directory is almost always the wrong thing to do.
229 // Media Attachment Unit.
232 // Multipart HTML.
239 // Microsoft Management Console Snap-in. Contains executable code.
242 // Microsoft Shell.
250 // Windows Installer.
255 // ActiveX Control.
258 // Microsoft Office Profile Settings File.
261 // Microsoft Visual Test.
264 // Program Information File. Originally intended to configure execution
265 // environment for legacy DOS files. They aren't meant to contain executable
266 // code. But Windows may execute a PIF file that is sniffed as a PE file.
269 // Developer Studio Build Log.
272 // Windows System File.
275 // Program File.
278 // Microsoft Exchange Address Book File. Microsoft Outlook Personal Folder
279 // File.
282 // Microsoft Windows PowerShell.
290 // Registry file. Opening may cause registry settings to change. Users still
291 // need to click through a prompt. So we could consider relaxing the
292 // DISALLOW_AUTO_OPEN restriction.
295 // Microsoft Windows Explorer Command.
296 // See https://support.microsoft.com/kb/190355 for an example.
299 // Microsoft Windows Screen Saver.
302 // Microsoft Windows Script Component. Microsoft FoxPro Screen.
303 // A Script Component is a COM component created using script.
304 // See https://msdn.microsoft.com/library/aa233148.aspx for an example.
307 // Microsoft Windows Shortcut into a document.
308 // See https://support.microsoft.com/kb/212344
311 // Shell Scrap Object File.
314 // System executable. Windows tries hard to prevent you from opening these
315 // types of files.
318 // Internet Shortcut (new since IE9). Both .url and .website are .ini files
319 // that describe a shortcut that points to a URL. They can point at
320 // anything. Dropping a download of this type and opening it automatically
321 // can in effect sidestep origin restrictions etc.
325 // VBScript files. My open with Windows Script Host and execute with user
326 // privileges.
333 // Microsoft Visual Studio Binary-based Macro Project.
339 // Microsoft Visio Workspace.
342 // Windows Script Host related.
348 // XAML Browser Application.
351 // Microsoft Exchange Public Folder Shortcut.
355 // Java.
356 #if !defined(OS_CHROMEOS)
360 #endif
362 // Scripting languages. (Shells are handled below.)
363 #if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
369 #endif
371 // Shell languages. (OS_ANDROID is OS_POSIX.) OS_WIN shells are handled above.
372 #if defined(OS_POSIX)
379 #endif
380 #if defined(OS_MACOSX)
382 #endif
384 // Package management formats. OS_WIN package formats are handled above.
385 #if defined(OS_MACOSX) || defined(OS_LINUX)
387 #endif
388 #if defined(OS_LINUX)
391 #endif
392 #if defined(OS_ANDROID)
394 #endif
395 };
397 // FileType for files with an empty extension.
400 // Default FileType for non-empty extensions that aren't in the list above.
409 #if defined(OS_WIN)
411 #elif defined(OS_POSIX)
413 #endif
415 // Strip out leading dot if it's still there
422 }
425 }
431 }
435 }