1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "webkit/database/database_util.h"
7 #include "base/basictypes.h"
8 #include "base/utf_string_conversions.h"
9 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h"
10 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h"
11 #include "webkit/database/database_tracker.h"
12 #include "webkit/database/vfs_backend.h"
14 namespace webkit_database
{
16 const char DatabaseUtil::kJournalFileSuffix
[] = "-journal";
18 bool DatabaseUtil::CrackVfsFileName(const base::string16
& vfs_file_name
,
19 base::string16
* origin_identifier
,
20 base::string16
* database_name
,
21 base::string16
* sqlite_suffix
) {
22 // 'vfs_file_name' is of the form <origin_identifier>/<db_name>#<suffix>.
23 // <suffix> is optional.
24 DCHECK(!vfs_file_name
.empty());
25 size_t first_slash_index
= vfs_file_name
.find('/');
26 size_t last_pound_index
= vfs_file_name
.rfind('#');
27 // '/' and '#' must be present in the string. Also, the string cannot start
28 // with a '/' (origin_identifier cannot be empty) and '/' must come before '#'
29 if ((first_slash_index
== base::string16::npos
) ||
30 (last_pound_index
== base::string16::npos
) ||
31 (first_slash_index
== 0) ||
32 (first_slash_index
> last_pound_index
)) {
36 if (origin_identifier
)
37 *origin_identifier
= vfs_file_name
.substr(0, first_slash_index
);
39 *database_name
= vfs_file_name
.substr(
40 first_slash_index
+ 1, last_pound_index
- first_slash_index
- 1);
43 *sqlite_suffix
= vfs_file_name
.substr(
44 last_pound_index
+ 1, vfs_file_name
.length() - last_pound_index
- 1);
49 base::FilePath
DatabaseUtil::GetFullFilePathForVfsFile(
50 DatabaseTracker
* db_tracker
, const base::string16
& vfs_file_name
) {
51 base::string16 origin_identifier
;
52 base::string16 database_name
;
53 base::string16 sqlite_suffix
;
54 if (!CrackVfsFileName(vfs_file_name
, &origin_identifier
,
55 &database_name
, &sqlite_suffix
)) {
56 return base::FilePath(); // invalid vfs_file_name
59 base::FilePath full_path
= db_tracker
->GetFullDBFilePath(
60 origin_identifier
, database_name
);
61 if (!full_path
.empty() && !sqlite_suffix
.empty()) {
62 DCHECK(full_path
.Extension().empty());
63 full_path
= full_path
.InsertBeforeExtensionASCII(
64 UTF16ToASCII(sqlite_suffix
));
66 // Watch out for directory traversal attempts from a compromised renderer.
67 if (full_path
.value().find(FILE_PATH_LITERAL("..")) !=
68 base::FilePath::StringType::npos
)
69 return base::FilePath();
73 base::string16
DatabaseUtil::GetOriginIdentifier(const GURL
& url
) {
74 base::string16 spec
= UTF8ToUTF16(url
.spec());
75 return WebKit::WebSecurityOrigin::createFromString(spec
).databaseIdentifier();
78 GURL
DatabaseUtil::GetOriginFromIdentifier(
79 const base::string16
& origin_identifier
) {
80 WebKit::WebSecurityOrigin web_security_origin
=
81 WebKit::WebSecurityOrigin::createFromDatabaseIdentifier(
84 // We need this work-around for file:/// URIs as
85 // createFromDatabaseIdentifier returns null origin_url for them.
86 if (web_security_origin
.isUnique()) {
87 if (origin_identifier
.find(UTF8ToUTF16("file__")) == 0)
88 return GURL("file:///");
92 return GURL(web_security_origin
.toString());
95 bool DatabaseUtil::IsValidOriginIdentifier(
96 const base::string16
& origin_identifier
) {
97 base::string16 dotdot
= ASCIIToUTF16("..");
98 char16 forbidden
[] = {'\\', '/', '\0'};
100 base::string16::size_type pos
= origin_identifier
.find(dotdot
);
101 if (pos
== base::string16::npos
)
102 pos
= origin_identifier
.find_first_of(forbidden
, 0, arraysize(forbidden
));
104 return pos
== base::string16::npos
;
107 } // namespace webkit_database
