Confirm launch of executables other than .exe on Windows

author: wolfbeast <mcwerewolf@gmail.com> 2017-10-06 20:12:54 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-02-08 11:58:23 +0100
commit: b62fce0dc0c77a5788c331db32b3996e4020e2a5 (patch)
tree: 8cb1a4758b16d9caae55f525b73f5fca3824b4f7
parent: bfa65f5d5f4fc1a1330acc91945d0587ddf65104 (diff)
download: UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar
UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.gz
UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.lz
UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.xz
UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.zip
2 files changed, 24 insertions, 15 deletions
diff --git a/browser/components/downloads/DownloadsCommon.jsm b/browser/components/downloads/DownloadsCommon.jsm
index b6684817d..90f14f2d8 100644
--- a/browser/components/downloads/DownloadsCommon.jsm
+++ b/browser/components/downloads/DownloadsCommon.jsm
@@ -42,6 +42,8 @@ XPCOMUtils.defineLazyModuleGetter(this, "NetUtil",
                                   "resource://gre/modules/NetUtil.jsm");
 XPCOMUtils.defineLazyModuleGetter(this, "PluralForm",
                                   "resource://gre/modules/PluralForm.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "AppConstants",
+                                  "resource://gre/modules/AppConstants.jsm");
 XPCOMUtils.defineLazyModuleGetter(this, "Downloads",
                                   "resource://gre/modules/Downloads.jsm");
 XPCOMUtils.defineLazyModuleGetter(this, "DownloadUIHelper",
@@ -460,8 +462,12 @@ this.DownloadsCommon = {
       throw new Error("aOwnerWindow must be a dom-window object");
     }
 
+    let isWindowsExe = AppConstants.platform == "win" &&
+      aFile.leafName.toLowerCase().endsWith(".exe");
+
     let promiseShouldLaunch;
-    if (aFile.isExecutable()) {
+    // Don't prompt on Windows for .exe since there will be a native prompt.
+    if (aFile.isExecutable() && !isWindowsExe) {
       // We get a prompter for the provided window here, even though anchoring
       // to the most recently active window should work as well.
       promiseShouldLaunch =
diff --git a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm
index 5fed9212a..1d289c24d 100644
--- a/toolkit/components/jsdownloads/src/DownloadIntegration.jsm
+++ b/toolkit/components/jsdownloads/src/DownloadIntegration.jsm
@@ -28,6 +28,8 @@ Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 
 XPCOMUtils.defineLazyModuleGetter(this, "AsyncShutdown",
                                   "resource://gre/modules/AsyncShutdown.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "AppConstants",
+                                  "resource://gre/modules/AppConstants.jsm");
 XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask",
                                   "resource://gre/modules/DeferredTask.jsm");
 XPCOMUtils.defineLazyModuleGetter(this, "Downloads",
@@ -675,20 +677,6 @@ this.DownloadIntegration = {
   launchDownload: Task.async(function* (aDownload) {
     let file = new FileUtils.File(aDownload.target.path);
 
-#ifndef XP_WIN
-    // Ask for confirmation if the file is executable, except on Windows where
-    // the operating system will show the prompt based on the security zone.
-    // We do this here, instead of letting the caller handle the prompt
-    // separately in the user interface layer, for two reasons.  The first is
-    // because of its security nature, so that add-ons cannot forget to do
-    // this check.  The second is that the system-level security prompt would
-    // be displayed at launch time in any case.
-    if (file.isExecutable() &&
-        !(yield this.confirmLaunchExecutable(file.path))) {
-      return;
-    }
-#endif
-
     // In case of a double extension, like ".tar.gz", we only
     // consider the last one, because the MIME service cannot
     // handle multiple extensions.
@@ -698,6 +686,21 @@ this.DownloadIntegration = {
       fileExtension = match[1];
     }
 
+    let isWindowsExe = AppConstants.platform == "win" &&
+      fileExtension.toLowerCase() == "exe";
+
+    // Ask for confirmation if the file is executable, except for .exe on
+    // Windows where the operating system will show the prompt based on the
+    // security zone.  We do this here, instead of letting the caller handle
+    // the prompt separately in the user interface layer, for two reasons.  The
+    // first is because of its security nature, so that add-ons cannot forget
+    // to do this check.  The second is that the system-level security prompt
+    // would be displayed at launch time in any case.
+    if (file.isExecutable() && !isWindowsExe &&
+        !(await this.confirmLaunchExecutable(file.path))) {
+      return;
+    }
+
     try {
       // The MIME service might throw if contentType == "" and it can't find
       // a MIME type for the given extension, so we'll treat this case as
author	wolfbeast <mcwerewolf@gmail.com>	2017-10-06 20:12:54 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-02-08 11:58:23 +0100
commit	b62fce0dc0c77a5788c331db32b3996e4020e2a5 (patch)
tree	8cb1a4758b16d9caae55f525b73f5fca3824b4f7
parent	bfa65f5d5f4fc1a1330acc91945d0587ddf65104 (diff)
download	UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.gz UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.lz UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.tar.xz UXP-b62fce0dc0c77a5788c331db32b3996e4020e2a5.zip