authorAllan Sandfeld Jensen <allan.jensen@qt.io>2019-02-01 17:21:12 +0100
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2019-03-29 09:56:47 +0000
commitdb25c88fe480e87fac2ab856d1180d8358bc044f (patch)
tree85cfd579abfe9d9e6c6750da710c5a096bc051b0
parent4299209a92a5e23dc9bfd4a8423f55be750797d6 (diff)
downloadqtwebengine-chromium-db25c88fe480e87fac2ab856d1180d8358bc044f.tar.gz
[Backport] Fix for security issue 922677
Disable FileSystemManager::CreateWriter if WritableFiles isn't enabled. TBR=mek@chromium.org (cherry picked from commit f045c704568e9cf6279b3cbccbec6d86c35f8a13) Bug: 922677 Change-Id: Ib16137cbabb2ec07f1ffc0484722f1d9cc533404 Reviewed-on: https://chromium-review.googlesource.com/c/1416570 Commit-Queue: Marijn Kruisselbrink <mek@chromium.org> Reviewed-by: Victor Costan <pwnall@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#623552} Reviewed-on: https://chromium-review.googlesource.com/c/1427044 Reviewed-by: Marijn Kruisselbrink <mek@chromium.org> Cr-Commit-Position: refs/branch-heads/3626@{#755} Cr-Branched-From: d897fb137fbaaa9355c0c93124cc048824eb1e65-refs/heads/master@{#612437} Reviewed-by: Michael Brüning <michael.bruning@qt.io>
-rw-r--r--chromium/content/browser/fileapi/fileapi_message_filter.cc5
1 files changed, 5 insertions, 0 deletions
diff --git a/chromium/content/browser/fileapi/fileapi_message_filter.cc b/chromium/content/browser/fileapi/fileapi_message_filter.cc
index 53fcccdecb0..4b8b363fe2c 100644
--- a/chromium/content/browser/fileapi/fileapi_message_filter.cc
+++ b/chromium/content/browser/fileapi/fileapi_message_filter.cc
@@ -307,6 +307,11 @@ void FileAPIMessageFilter::OnCreate(
int request_id, const GURL& path, bool exclusive,
bool is_directory, bool recursive) {
DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+ // This depends on a default off feature not even introduced in Chromium 69:
+ // blink::features::kWritableFilesAPI.
+ return;
+
FileSystemURL url(context_->CrackURL(path));
if (!ValidateFileSystemURL(request_id, url))
return;
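Review bot: The added `return;` at the top of `OnCreate` drops the request without answering `request_id`, so the renderer-side caller is never told the operation was refused. A refusal path should reply before returning, for example `Send(new FileSystemMsg_DidFail(request_id, base::File::FILE_ERROR_SECURITY));`, assuming this file's usual failure reply applies here. The unconditional return also leaves the rest of the body unreachable, and the `exclusive`/`is_directory`/`recursive` parameters suggest this handler serves ordinary file and directory creation, which looks broader than the `CreateWriter` path the commit message names; it is worth confirming that this scope is intended. The comment should state the security reason rather than only the feature dependency, e.g. `// Security (bug 922677): reject all create requests; kWritableFilesAPI does not exist on this branch to gate on.` The body of `OnCreate` continues past the end of this hunk.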