Run pre-classification checks in the browser before starting client-side phishing detection.

chrome/browser/safe_browsing/client_side_detection_service.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/client_side_detection_service.h"
 
 #include "base/command_line.h"
 #include "base/file_path.h"
 #include "base/file_util_proxy.h"
 #include "base/logging.h"
 #include "base/message_loop.h"
 #include "base/metrics/histogram.h"
 #include "base/platform_file.h"
 #include "base/scoped_ptr.h"
 #include "base/stl_util-inl.h"
 #include "base/task.h"
 #include "base/time.h"
 #include "chrome/browser/browser_thread.h"
+#include "chrome/browser/renderer_host/render_view_host.h"
 #include "chrome/browser/safe_browsing/csd.pb.h"
+#include "chrome/browser/tab_contents/provisional_load_details.h"
+#include "chrome/browser/tab_contents/tab_contents.h"
 #include "chrome/common/net/http_return.h"
 #include "chrome/common/net/url_fetcher.h"
 #include "chrome/common/net/url_request_context_getter.h"
+#include "chrome/common/notification_service.h"
+#include "chrome/common/notification_type.h"
+#include "chrome/common/render_messages.h"
 #include "googleurl/src/gurl.h"
 #include "net/base/load_flags.h"
 #include "net/url_request/url_request_status.h"
 
 namespace safe_browsing {
 
 const int ClientSideDetectionService::kMaxReportsPerDay = 3;
 
 const char ClientSideDetectionService::kClientReportPhishingUrl[] =
     "https://sb-ssl.google.com/safebrowsing/clientreport/phishing";
 const char ClientSideDetectionService::kClientModelUrl[] =
     "https://ssl.gstatic.com/safebrowsing/csd/client_model_v0.pb";
 
 struct ClientSideDetectionService::ClientReportInfo {
   scoped_ptr<ClientReportPhishingRequestCallback> callback;
   GURL phishing_url;
 };
 
+// ShouldClassifyUrlRequest tracks the pre-classification checks for a
+// toplevel URL that has started loading into a renderer.  When these
+// checks are complete, the renderer is notified if it should run
+// client-side phishing classification, then the ShouldClassifyUrlRequest
+// deletes itself.
+class ClientSideDetectionService::ShouldClassifyUrlRequest
+    : public NotificationObserver {
+ public:
+  ShouldClassifyUrlRequest(const GURL& url, TabContents* tab_contents)
+      : url_(url),
+        tab_contents_(tab_contents),
+        ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {
+    DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+    registrar_.Add(this,
+                   NotificationType::TAB_CONTENTS_DESTROYED,
+                   Source<TabContents>(tab_contents));
+  }
+
+  virtual void Observe(NotificationType type,
+                       const NotificationSource& source,
+                       const NotificationDetails& details) {
+    switch (type.value) {
+      case NotificationType::TAB_CONTENTS_DESTROYED:
+        Cancel();
+        break;
+      default:
+        NOTREACHED();
+    };
+  }
+
+  void Start() {
+    // TODO(bryner): add pre-classification checks here.
+    // For now we just call Finish() asynchronously for consistency,
+    // since the pre-classification checks are asynchronous.
+    DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+    BrowserThread::PostTask(BrowserThread::UI,
+                            FROM_HERE,
+                            method_factory_.NewRunnableMethod(
+                                &ShouldClassifyUrlRequest::Finish));
+  }
+
+ private:
+  // This object always deletes itself, so make the destructor private.
+  virtual ~ShouldClassifyUrlRequest() {}
+
+  void Cancel() {
+    DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+    tab_contents_ = NULL;
+    Finish();
+  }
+
+  void Finish() {
+    if (tab_contents_) {
+      RenderViewHost* rvh = tab_contents_->render_view_host();
+      rvh->Send(new ViewMsg_StartPhishingDetection(rvh->routing_id(), url_));
+    }
+    delete this;
+  }
+
+  GURL url_;
+  TabContents* tab_contents_;
+  NotificationRegistrar registrar_;
+  ScopedRunnableMethodFactory<ShouldClassifyUrlRequest> method_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(ShouldClassifyUrlRequest);
+};
+
 ClientSideDetectionService::ClientSideDetectionService(
     const FilePath& model_path,
     URLRequestContextGetter* request_context_getter)
     : model_path_(model_path),
       model_status_(UNKNOWN_STATUS),
       model_file_(base::kInvalidPlatformFileValue),
       ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)),
       ALLOW_THIS_IN_INITIALIZER_LIST(callback_factory_(this)),
       request_context_getter_(request_context_getter) {
+  // Register to find out when pages begin loading into a renderer.
+  // When this happens, we'll start our pre-classificaton checks.
+  registrar_.Add(this,
+                 NotificationType::FRAME_PROVISIONAL_LOAD_COMMITTED,
+                 NotificationService::AllSources());
 }
 
 ClientSideDetectionService::~ClientSideDetectionService() {
   method_factory_.RevokeAll();
   STLDeleteContainerPairPointers(client_phishing_reports_.begin(),
                                  client_phishing_reports_.end());
   client_phishing_reports_.clear();
   STLDeleteElements(&open_callbacks_);
   CloseModelFile();
 }
@@ skipping 51 matching lines @@
   if (source == model_fetcher_.get()) {
     HandleModelResponse(source, url, status, response_code, cookies, data);
   } else if (client_phishing_reports_.find(source) !=
              client_phishing_reports_.end()) {
     HandlePhishingVerdict(source, url, status, response_code, cookies, data);
   } else {
     NOTREACHED();
   }
 }
 
+void ClientSideDetectionService::Observe(NotificationType type,
+                                         const NotificationSource& source,
+                                         const NotificationDetails& details) {
+  switch (type.value) {
+    case NotificationType::FRAME_PROVISIONAL_LOAD_COMMITTED: {
+      // Check whether the load should trigger a phishing classification.
+      ProvisionalLoadDetails* load_details =
+          Details<ProvisionalLoadDetails>(details).ptr();
+
+      if (load_details->main_frame() &&
+          (load_details->transition_type() & PageTransition::FORWARD_BACK) !=
+          PageTransition::FORWARD_BACK &&
+          !load_details->in_page_navigation()) {
+        NavigationController* controller =
+            Source<NavigationController>(source).ptr();
+        ShouldClassifyUrlRequest* request =
+            new ShouldClassifyUrlRequest(load_details->url(),
+                                         controller->tab_contents());

[lzheng, 2011/02/04 20:05:22]

what's the life-cycle of controller->tab_contents()? Will it be around during
request's async calls?

[Brian Ryner, 2011/02/10 01:12:52]

The request registers for the TAB_CONTENTS_DESTROYED notification on the
TabContents that it's attached to.  Once this is received, the TabContents
pointer is nulled out, and the request will no longer call any methods on it.

+        request->Start();  // the request will delete itself on completion
+      }
+      break;
+    }
+    default:
+      NOTREACHED();
+  };
+}
+
 void ClientSideDetectionService::SetModelStatus(ModelStatus status) {
   DCHECK_NE(READY_STATUS, model_status_);
   model_status_ = status;
   if (READY_STATUS == status || ERROR_STATUS == status) {
     for (size_t i = 0; i < open_callbacks_.size(); ++i) {
       open_callbacks_[i]->Run(model_file_);
     }
     STLDeleteElements(&open_callbacks_);
   } else {
     NOTREACHED();
@@ skipping 195 matching lines @@
   while (!phishing_report_times_.empty() &&
          phishing_report_times_.front() < cutoff) {
     phishing_report_times_.pop();
   }
 
   // Return the number of elements that are above the cutoff.
   return phishing_report_times_.size();
 }
 
 }  // namespace safe_browsing