Closed Bug 581762 Opened 14 years ago Closed 14 years ago

Malware blocked site: Camino should prevent downloading of files from the location bar

Categories

(Camino Graveyard :: Security, defect)

Product:
Camino Graveyard
Component:
Security
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: phiw2, Assigned: alqahira)

Details

(Whiteboard: [camino-2.0.4] p-safari)

Attachments

(1 file, 1 obsolete file)

Fix, v2
985 bytes, patch
stuart.morgan+bugzilla
: superreview+
Details | Diff | Splinter Review 
Basic STR:
1. paste a url for a file hosted on a malware blocked site in the location bar
2. Option-return to save/download the file locally

AR: the save file dialog appears, the file is saved
ER: the file is not saved.

In this case Safari prevents saving the file

real world example:
At time of writing, http://destination-out.com/ is blocked as malware (probably hacked WordPress). That site (legally) hosts mp3 files. A direct URL for one:
http://destination-out.com/media/tracks/Dixon_Solo-8.mp3 (clean file, afaict).
Loading this URL results in the malware overlay, but option-return in the location bar allows downloading the file.
(note that the files on that site are only available for a limited time, in theory)

That is the most straight forward scenario I see:
1. user follows link to mp3
2. link target (site) is blocked.
3. user tries opt-return in location bar to save file locally

----
Safari, Camino and Firefox allow downloading the file from a link by right-clicking on the link and choosing 'Download linked file'/'Save link target as'/… or option-clicking the link. Google Chrome (tested: dev channel) prevents saving the link target in this case.
Ought to be pretty straightforward to fix the opt-return stuff; we just have to have cl's opt-return code (http://mxr.mozilla.org/camino/source/camino/src/browser/BrowserWindowController.mm#355) use hendy's menu disabling code (bug 501246), or, rather, the (![[self browserWrapper] isBlockedErrorOverlayShowing]) part, to check.
Whiteboard: p-safari
Attached patch Fix (obsolete) — Splinter Review 
Like this, actually.
Assignee: nobody → alqahira
Status: NEW → ASSIGNED
Attachment #460109 - Flags: superreview?(stuart.morgan+bugzilla)
Attachment #460109 - Flags: feedback?(phiw)
Comment on attachment 460109 [details] [diff] [review]
Fix

Does what I expected: opt-return in the location bar is disabled.
Attachment #460109 - Flags: feedback?(phiw) → feedback+
And I guess if this does the right thing, we should take it in 2.0.x, too.

And, another too-late-night thought: is there a better way to write this that
doesn't require me to re-indent all of cl's code?  I apparently can't "return"
inside a (void), so says the compiler--or I was trying to return the wrong way
when I tried that initially.
Flags: camino2.0.4?
(In reply to comment #3)
> Comment on attachment 460109 [details] [diff] [review]
> Fix
> 
> Does what I expected: opt-return in the location bar is disabled.

via irc:
[3:59pm] ardissone: phiw: did you check to see if it does the right thing after clicking through the warning?
[3:59pm] ardissone: just thought of that
[3:59pm] ardissone: (both for a binary and a webpage)

yes, after clicking through the warning, saving via opt-return works perfectly fine
Comment on attachment 460109 [details] [diff] [review]
Fix

Yes, you just want:

if ([[bwc browserWrapper] isBlockedErrorOverlayShowing])
  return;

at the beginning.
Attachment #460109 - Flags: superreview?(stuart.morgan+bugzilla) → superreview-
Attached patch Fix, v2Splinter Review 
Yes, that seems much more pleasant.
Attachment #460109 - Attachment is obsolete: true
Attachment #460177 - Flags: superreview?(stuart.morgan+bugzilla)
Comment on attachment 460177 [details] [diff] [review]
Fix, v2

sr=smorgan

Do we want to leave this open to handle this in a robust way? This doesn't cover the case of skipping to step 3.
Attachment #460177 - Flags: superreview?(stuart.morgan+bugzilla) → superreview+
> Do we want to leave this open to handle this in a robust way? This doesn't
> cover the case of skipping to step 3.

I was leaning more towards filing a new bug, because it seems to me the way to fix that is to have the Save code itself run a check (or check flags, or whatever) on the URL before saving, and that covers the context menu "Download link target" and opt-click the link cases as well--and it's probably not something I can fix.

If you'd prefer to leave this open, that's fine by me, too, but the above is why I was leaning towards filing a new bug for fixing the Save code itself.
http://hg.mozilla.org/camino/rev/2e0518cb2180 and CAMINO_2_0_BRANCH.

Filed bug 581885 for the additional work.
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Flags: camino2.0.4? → camino2.0.4+
Resolution: --- → FIXED
Whiteboard: p-safari → [camino-2.0.4] p-safari
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: