Add permission callback for user-initated downloads (fixes issue #3183)

This change adds a CefDownloadHandler::CanDownload callback for optionally blocking user-initiated downloads (e.g. alt + link click or link click that returns a `Content-Disposition: attachment` response from the server). To test: - Run `ceftests --gtest_filter=DownloadTest.*`. - Run `cefclient --hide-controls`. User-initiated downloads will be blocked.
2025-06-05 21:39:12 +02:00 · 2022-03-22 17:40:28 -04:00
parent 2f5838eaaa
commit 6d7a680187
16 changed files with 280 additions and 38 deletions
--- a/include/cef_download_handler.h
+++ b/include/cef_download_handler.h
@ -90,6 +90,20 @@ class CefDownloadItemCallback : public virtual CefBaseRefCounted {
 /*--cef(source=client)--*/
 class CefDownloadHandler : public virtual CefBaseRefCounted {
 public:
+  ///
+  // Called before a download begins in response to a user-initiated action
+  // (e.g. alt + link click or link click that returns a `Content-Disposition:
+  // attachment` response from the server). |url| is the target download URL and
+  // |request_method| is the target method (GET, POST, etc). Return true to
+  // proceed with the download or false to cancel the download.
+  ///
+  /*--cef()--*/
+  virtual bool CanDownload(CefRefPtr<CefBrowser> browser,
+                           const CefString& url,
+                           const CefString& request_method) {
+    return true;
+  }
+
  ///
  // Called before a download begins. |suggested_name| is the suggested name for
  // the download file. By default the download will be canceled. Execute