Add a SafeSearch preference, policy and implementation.

chrome/browser/net/chrome_network_delegate.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/net/chrome_network_delegate.h"
 
+#include <vector>
+
 #include "base/logging.h"
 #include "base/base_paths.h"
 #include "base/path_service.h"
+#include "base/string_util.h"
 #include "chrome/browser/api/prefs/pref_member.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/content_settings/cookie_settings.h"
 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
 #include "chrome/browser/custom_handlers/protocol_handler_registry.h"
 #include "chrome/browser/extensions/api/proxy/proxy_api.h"
 #include "chrome/browser/extensions/api/web_request/web_request_api.h"
 #include "chrome/browser/extensions/event_router_forwarder.h"
 #include "chrome/browser/extensions/extension_info_map.h"
 #include "chrome/browser/extensions/extension_process_manager.h"
+#include "chrome/browser/google/google_util.h"
 #include "chrome/browser/net/load_time_stats.h"
 #include "chrome/browser/performance_monitor/performance_monitor.h"
 #include "chrome/browser/prefs/pref_service.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/task_manager/task_manager.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/url_constants.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/resource_request_info.h"
@@ skipping 50 matching lines @@
     switch (request->status().error()) {
       case net::ERR_PROXY_AUTH_UNSUPPORTED:
       case net::ERR_PROXY_CONNECTION_FAILED:
       case net::ERR_TUNNEL_CONNECTION_FAILED:
         extensions::ProxyEventRouter::GetInstance()->OnProxyError(
             event_router, profile, request->status().error());
     }
   }
 }
 
+// Gets called when the extensions finish work on the URL. If the extensions
+// did not do a redirect (so |new_url| is empty) then we enforce the
+// SafeSearch parameters. Otherwise we will get called again after the
+// redirect and we enforce SafeSearch then.
+void ForceGoogleSafeSearchCallbackWrapper(
+    const net::CompletionCallback& callback,
+    net::URLRequest* request,
+    GURL* new_url,
+    int rv) {
+  if (rv == net::OK && new_url->is_empty())
+    ChromeNetworkDelegate::ForceGoogleSafeSearch(request, new_url);
+  callback.Run(rv);
+}
+
+enum SafeSearchCheckState {
+  KEEP_SEARCHING = 0,
+  ADD_PARAMETER,
+  PARAMETER_PRESENT,
+};
+
+// Checks a parameter to see if it is present in the query. |parameter| is the
+// current parameter which is being checked; |parameter_to_find| is the
+// parameter we are looking for; |keep_element| returns whether we want to keep
+// |parameter| in the list of parameters. The return value shows the action
+// that needs to be taken.
+SafeSearchCheckState CheckForParameter(const std::string& parameter,
+                                       const std::string& parameter_to_find,
+                                       bool* keep_element) {
+  DCHECK(parameter_to_find.find("=") != std::string::npos);
+  // prefix for "safe=off" is "safe=".
+  std::string parameter_prefix = parameter_to_find.substr(
+      0, parameter_to_find.find("=") + 1);
+  if (parameter.length() >= parameter_prefix.length()) {
+    if (parameter == parameter_to_find)

[Bernhard Bauer, 2012/10/22 09:50:18]

You could do this check right at the beginning, no?

[Sergiu, 2012/10/30 01:08:11]

Done.

+      return PARAMETER_PRESENT;
+    // Found the parameter but not the correct value, remove it.
+    if (parameter.substr(0, parameter_prefix.length()) == parameter_prefix) {

[Bernhard Bauer, 2012/10/22 09:50:18]

You could write this as `base::StartsWith(parameter, parameter_prefix, false)`.

[Sergiu, 2012/10/30 01:08:11]

Done.

+      *keep_element = false;
+      return ADD_PARAMETER;
+    }
+  }
+  return KEEP_SEARCHING;
+}
+
+// Examines a query to see if it should be modified to contain the SafeSearch
+// parameters. |query| is the string to examine and |new_query| is the output
+// string which should be set such that SafeSearch is on. If the proper
+// options are already set for SafeSearch then |new_query| will be equal
+// to |query|.
+void ExamineQueryForSafeSearch(const std::string& query,
+                               std::string* new_query) {

[Bernhard Bauer, 2012/10/22 09:50:18]

Do you need to return the value by outparam?

[Sergiu, 2012/10/30 01:08:11]

Returned a string object now.

+  std::vector<std::string> new_parameters;
+  SafeSearchCheckState safe_check = KEEP_SEARCHING;
+  SafeSearchCheckState ssui_check = KEEP_SEARCHING;
+  std::string safe_parameter = chrome::kSafeSearchSafeParameter;
+  std::string ssui_parameter = chrome::kSafeSearchSsuiParameter;
+
+  std::vector<std::string> parameters;
+  Tokenize(query, std::string("&"), &parameters);

[Bernhard Bauer, 2012/10/22 09:50:18]

I think the explicit constructor isn't necessary.

Also, you could use base::SplitString()? It might me ever so slightly faster (as
it doesn't have to search for the first of multiple separators).

[Sergiu, 2012/10/30 01:08:11]

Done.

+
+  std::vector<std::string>::reverse_iterator rit;
+  for (rit = parameters.rbegin(); rit < parameters.rend(); ++rit) {
+    bool keep_current_parameter = true;
+    if (safe_check == KEEP_SEARCHING) {
+      safe_check = CheckForParameter(*rit, safe_parameter,
+                                     &keep_current_parameter);

[Joao da Silva, 2012/10/22 21:14:20]

The ChecForParameter() function and the enum values are a bit more complicated
than they have to be. Why not just 1) always remove the matching parameters and
2) always append the desired values at the end? So this loop's body becomes (in
forward traversal order):

if (!ParameterMatches(*it, safe_parameter) && !ParameterMatches(*it,
ssui_parameter))
  new_parameters.push_back(*it);

and after the loop:

new_parameters.push_back(safe_parameter);
new_parameters.push_back(ssui_parameter);

This handles duplicate parameters, and will only reorder the parameter order if
they are already present. Is that a problem?

[Sergiu, 2012/10/30 01:08:11]

No, it makes total sense.. the initial idea was to alter the query as less as
possible but since I'm already doing that it's a better idea to keep everything
simple. Fixed.

+    }
+    if (ssui_check == KEEP_SEARCHING) {
+      ssui_check = CheckForParameter(*rit, ssui_parameter,
+                                     &keep_current_parameter);
+    }
+    if (keep_current_parameter) {
+      // Iterating in reverse so make sure that we add it in the correct
+      // position.
+      new_parameters.insert(new_parameters.begin(), *rit);

[Joao da Silva, 2012/10/22 21:14:20]

Why not iterate forward (not reverse) and push_back here?

[Sergiu, 2012/10/30 01:08:11]

Done.

+    }
+  }
+
+  if (safe_check != PARAMETER_PRESENT)
+    new_parameters.insert(new_parameters.end(), safe_parameter);

[Bernhard Bauer, 2012/10/22 09:50:18]

I think you can just do push_back().

[Sergiu, 2012/10/30 01:08:11]

Done.

+  if (ssui_check != PARAMETER_PRESENT)
+    new_parameters.insert(new_parameters.end(), ssui_parameter);
+  *new_query = JoinString(new_parameters, std::string("&"));
+}
+
 enum RequestStatus { REQUEST_STARTED, REQUEST_DONE };
 
 // Notifies the ExtensionProcessManager that a request has started or stopped
 // for a particular RenderView.
 void NotifyEPMRequestStatus(RequestStatus status,
                             void* profile_id,
                             int process_id,
                             int render_view_id) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   Profile* profile = reinterpret_cast<Profile*>(profile_id);
@@ skipping 39 matching lines @@
 
 ChromeNetworkDelegate::ChromeNetworkDelegate(
     extensions::EventRouterForwarder* event_router,
     ExtensionInfoMap* extension_info_map,
     const policy::URLBlacklistManager* url_blacklist_manager,
     const ManagedModeURLFilter* managed_mode_url_filter,
     void* profile,
     CookieSettings* cookie_settings,
     BooleanPrefMember* enable_referrers,
     BooleanPrefMember* enable_do_not_track,
+    BooleanPrefMember* force_google_safesearch,
     chrome_browser_net::LoadTimeStats* load_time_stats)
     : event_router_(event_router),
       profile_(profile),
       cookie_settings_(cookie_settings),
       extension_info_map_(extension_info_map),
       enable_referrers_(enable_referrers),
       enable_do_not_track_(enable_do_not_track),
+      force_google_safesearch_(force_google_safesearch),
       url_blacklist_manager_(url_blacklist_manager),
       managed_mode_url_filter_(managed_mode_url_filter),
       load_time_stats_(load_time_stats) {
   DCHECK(event_router);
   DCHECK(enable_referrers);
   DCHECK(!profile || cookie_settings);
 }
 
 ChromeNetworkDelegate::~ChromeNetworkDelegate() {}
 
 // static
 void ChromeNetworkDelegate::NeverThrottleRequests() {
   g_never_throttle_requests_ = true;
 }
 
 // static
 void ChromeNetworkDelegate::InitializePrefsOnUIThread(
     BooleanPrefMember* enable_referrers,
     BooleanPrefMember* enable_do_not_track,
+    BooleanPrefMember* force_google_safesearch,
     PrefService* pref_service) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   enable_referrers->Init(prefs::kEnableReferrers, pref_service, NULL);
   enable_referrers->MoveToThread(BrowserThread::IO);
   if (enable_do_not_track) {
     enable_do_not_track->Init(prefs::kEnableDoNotTrack, pref_service, NULL);
     enable_do_not_track->MoveToThread(BrowserThread::IO);
   }
+  if (force_google_safesearch) {
+    force_google_safesearch->Init(prefs::kForceSafeSearch, pref_service, NULL);
+    force_google_safesearch->MoveToThread(BrowserThread::IO);
+  }
 }
 
 // static
 void ChromeNetworkDelegate::AllowAccessToAllFiles() {
   g_allow_file_access_ = true;
 }
 
+// static
+void ChromeNetworkDelegate::ForceGoogleSafeSearch(net::URLRequest* request,

[Joao da Silva, 2012/10/22 21:14:20]

It's not clear to me why this is a static method of the delegate, while the
other functions are in the anonymous namespace. Can't this be there too?

[Sergiu, 2012/10/30 01:08:11]

Initially I touched some stuff in the delegate but that has changed and not I've
moved this in the anonymous space as well.

+                                                  GURL* new_url) {
+  // Force SafeSearch.
+  const bool is_search_url = google_util::IsGoogleSearchUrl(
+      request->url().spec());
+  const bool is_homepage_url = google_util::IsGoogleHomePageUrl(
+      request->url().spec());
+  if (is_search_url || is_homepage_url) {
+    std::string query = request->url().query();
+    std::string new_query;
+
+    ExamineQueryForSafeSearch(query, &new_query);
+    if (query == new_query)
+      return;
+
+    GURL::Replacements replacements;
+    replacements.SetQueryStr(new_query);
+    *new_url = request->url().ReplaceComponents(replacements);
+  }
+}
+
 int ChromeNetworkDelegate::OnBeforeURLRequest(
     net::URLRequest* request,
     const net::CompletionCallback& callback,
     GURL* new_url) {
 #if defined(ENABLE_CONFIGURATION_POLICY)
   // TODO(joaodasilva): This prevents extensions from seeing URLs that are
   // blocked. However, an extension might redirect the request to another URL,
   // which is not blocked.
   if (url_blacklist_manager_ &&
       url_blacklist_manager_->IsURLBlocked(request->url())) {
@@ skipping 13 matching lines @@
     return net::ERR_NETWORK_ACCESS_DENIED;
   }
 #endif
 
   ForwardRequestStatus(REQUEST_STARTED, request, profile_);
 
   if (!enable_referrers_->GetValue())
     request->set_referrer(std::string());
   if (enable_do_not_track_ && enable_do_not_track_->GetValue())
     request->SetExtraRequestHeaderByName(kDNTHeader, "1", true /* override */);
-  return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest(
-      profile_, extension_info_map_.get(), request, callback, new_url);
+
+  bool force_safesearch = force_google_safesearch_ &&
+                          force_google_safesearch_->GetValue();
+
+  net::CompletionCallback wrapped_callback = callback;
+  if (force_safesearch) {
+    wrapped_callback = base::Bind(&ForceGoogleSafeSearchCallbackWrapper,
+                                  callback,
+                                  base::Unretained(request),
+                                  base::Unretained(new_url));
+  }
+
+  int rv = ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest(
+      profile_, extension_info_map_.get(), request, wrapped_callback,
+      new_url);
+
+  if (force_safesearch && rv == net::OK && new_url->is_empty())
+    ForceGoogleSafeSearch(request, new_url);
+
+  return rv;
 }
 
 int ChromeNetworkDelegate::OnBeforeSendHeaders(
     net::URLRequest* request,
     const net::CompletionCallback& callback,
     net::HttpRequestHeaders* headers) {
   return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders(
       profile_, extension_info_map_.get(), request, callback, headers);
 }
 
@@ skipping 214 matching lines @@
 #endif
   return net::OK;
 }
 
 void ChromeNetworkDelegate::OnRequestWaitStateChange(
     const net::URLRequest& request,
     RequestWaitState state) {
   if (load_time_stats_)
     load_time_stats_->OnRequestWaitStateChange(request, state);
 }