feat: implement File System API support (#41827)

* feat: implement File System API support

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* test: add a test for writable permission checking

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* fix: gn check include issues

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: feedback from review

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: cleanup feedback from review

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* refactor: namespace to electron

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* fixup! chore: cleanup feedback from review

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: address more feedback from review

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* 5301485: Add content analysis to File System Access Javascript API.

https://chromium-review.googlesource.com/c/chromium/src/+/5301485

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* docs: improve typing of details object

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: address outstanding todo

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* refactor: use Chrome's file system access blocklist

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* lint

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* fix: Windows build

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* test: clarify test verbiage

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

---------

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

chromium_src/BUILD.gn

@@ -33,6 +33,8 @@ static_library("chrome") {
     "//chrome/browser/devtools/visual_logging.h",
     "//chrome/browser/extensions/global_shortcut_listener.cc",
     "//chrome/browser/extensions/global_shortcut_listener.h",
+    "//chrome/browser/file_system_access/file_system_access_features.cc",
+    "//chrome/browser/file_system_access/file_system_access_features.h",
     "//chrome/browser/icon_loader.cc",
     "//chrome/browser/icon_loader.h",
     "//chrome/browser/icon_manager.cc",

docs/api/session.md

@@ -818,15 +818,10 @@ win.webContents.session.setCertificateVerifyProc((request, callback) => {
     * `top-level-storage-access` -  Allow top-level sites to request third-party cookie access on behalf of embedded content originating from another site in the same related website set using the [Storage Access API](https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).
     * `window-management` - Request access to enumerate screens using the [`getScreenDetails`](https://developer.chrome.com/en/articles/multi-screen-window-placement/) API.
     * `unknown` - An unrecognized permission request.
+    * `fileSystem` - Request access to read, write, and file management capabilities using the [File System API](https://developer.mozilla.org/en-US/docs/Web/API/File_System_API).
   * `callback` Function
     * `permissionGranted` boolean - Allow or deny the permission.
-  * `details` Object - Some properties are only available on certain permission types.
-    * `externalURL` string (optional) - The url of the `openExternal` request.
-    * `securityOrigin` string (optional) - The security origin of the `media` request.
-    * `mediaTypes` string[] (optional) - The types of media access being requested, elements can be `video`
-      or `audio`
-    * `requestingUrl` string - The last URL the requesting frame loaded
-    * `isMainFrame` boolean - Whether the frame making the request is the main frame
+  * `details` [PermissionRequest](structures/permission-request.md)  | [FilesystemPermissionRequest](structures/filesystem-permission-request.md) | [MediaAccessPermissionRequest](structures/media-access-permission-request.md) | [OpenExternalPermissionRequest](structures/open-external-permission-request.md) - Additional information about the permission being requested.
 
 Sets the handler which can be used to respond to permission requests for the `session`.
 Calling `callback(true)` will allow the permission and `callback(false)` will reject it.

docs/api/structures/filesystem-permission-request.md

@@ -0,0 +1,5 @@
+# FilesystemPermissionRequest Object extends `PermissionRequest`
+
+* `filePath` string (optional) - The path of the `fileSystem` request.
+* `isDirectory` boolean (optional) - Whether the `fileSystem` request is a directory.
+* `fileAccessType` string (optional) - The access type of the `fileSystem` request. Can be `writable` or `readable`.

docs/api/structures/media-access-permission-request.md

@@ -0,0 +1,5 @@
+# MediaAccessPermissionRequest Object extends `PermissionRequest`
+
+* `securityOrigin` string (optional) - The security origin of the request.
+* `mediaTypes` string[] (optional) - The types of media access being requested - elements can be `video`
+  or `audio`.

docs/api/structures/open-external-permission-request.md

@@ -0,0 +1,3 @@
+# OpenExternalPermissionRequest Object extends `PermissionRequest`
+
+* `externalURL` string (optional) - The url of the `openExternal` request.

docs/api/structures/permission-request.md

@@ -0,0 +1,4 @@
+# PermissionRequest Object
+
+* `requestingUrl` string - The last URL the requesting frame loaded.
+* `isMainFrame` boolean - Whether the frame making the request is the main frame.

filenames.auto.gni

@@ -89,6 +89,7 @@ auto_filenames = {
     "docs/api/structures/extension.md",
     "docs/api/structures/file-filter.md",
     "docs/api/structures/file-path-with-headers.md",
+    "docs/api/structures/filesystem-permission-request.md",
     "docs/api/structures/gpu-feature-status.md",
     "docs/api/structures/hid-device.md",
     "docs/api/structures/input-event.md",
@@ -99,14 +100,17 @@ auto_filenames = {
     "docs/api/structures/jump-list-item.md",
     "docs/api/structures/keyboard-event.md",
     "docs/api/structures/keyboard-input-event.md",
+    "docs/api/structures/media-access-permission-request.md",
     "docs/api/structures/memory-info.md",
     "docs/api/structures/memory-usage-details.md",
     "docs/api/structures/mime-typed-buffer.md",
     "docs/api/structures/mouse-input-event.md",
     "docs/api/structures/mouse-wheel-input-event.md",
     "docs/api/structures/notification-action.md",
     "docs/api/structures/notification-response.md",
+    "docs/api/structures/open-external-permission-request.md",
     "docs/api/structures/payment-discount.md",
+    "docs/api/structures/permission-request.md",
     "docs/api/structures/point.md",
     "docs/api/structures/post-body.md",
     "docs/api/structures/printer-info.md",

filenames.gni

@@ -387,6 +387,10 @@ filenames = {
     "shell/browser/file_select_helper.cc",
     "shell/browser/file_select_helper.h",
     "shell/browser/file_select_helper_mac.mm",
+    "shell/browser/file_system_access/file_system_access_permission_context.cc",
+    "shell/browser/file_system_access/file_system_access_permission_context.h",
+    "shell/browser/file_system_access/file_system_access_permission_context_factory.cc",
+    "shell/browser/file_system_access/file_system_access_permission_context_factory.h",
     "shell/browser/font_defaults.cc",
     "shell/browser/font_defaults.h",
     "shell/browser/hid/electron_hid_delegate.cc",

patches/chromium/.patches

@@ -129,3 +129,4 @@ build_run_reclient_cfg_generator_after_chrome.patch
 fix_suppress_clang_-wimplicit-const-int-float-conversion_in.patch
 fix_getcursorscreenpoint_wrongly_returns_0_0.patch
 fix_add_support_for_skipping_first_2_no-op_refreshes_in_thumb_cap.patch
+refactor_expose_file_system_access_blocklist.patch