| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/client_side_detection_service.h" | 5 #include "chrome/browser/safe_browsing/client_side_detection_service.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/time.h" | 9 #include "base/time.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| 11 #include "base/message_loop.h" | 11 #include "base/message_loop.h" |
| 12 #include "base/metrics/histogram.h" | 12 #include "base/metrics/histogram.h" |
| 13 #include "base/string_util.h" |
| 13 #include "base/stl_util.h" | 14 #include "base/stl_util.h" |
| 14 #include "base/task.h" | 15 #include "base/task.h" |
| 15 #include "base/time.h" | 16 #include "base/time.h" |
| 17 #include "chrome/browser/browser_process.h" |
| 18 #include "chrome/browser/safe_browsing/browser_features.h" |
| 19 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 16 #include "chrome/common/net/http_return.h" | 20 #include "chrome/common/net/http_return.h" |
| 17 #include "chrome/common/safe_browsing/client_model.pb.h" | 21 #include "chrome/common/safe_browsing/client_model.pb.h" |
| 18 #include "chrome/common/safe_browsing/csd.pb.h" | 22 #include "chrome/common/safe_browsing/csd.pb.h" |
| 19 #include "chrome/common/safe_browsing/safebrowsing_messages.h" | 23 #include "chrome/common/safe_browsing/safebrowsing_messages.h" |
| 24 #include "chrome/renderer/safe_browsing/features.h" |
| 20 #include "content/browser/browser_thread.h" | 25 #include "content/browser/browser_thread.h" |
| 21 #include "content/browser/renderer_host/render_process_host.h" | 26 #include "content/browser/renderer_host/render_process_host.h" |
| 22 #include "content/common/notification_service.h" | 27 #include "content/common/notification_service.h" |
| 23 #include "content/common/url_fetcher.h" | 28 #include "content/common/url_fetcher.h" |
| 24 #include "crypto/sha2.h" | 29 #include "crypto/sha2.h" |
| 25 #include "googleurl/src/gurl.h" | 30 #include "googleurl/src/gurl.h" |
| 26 #include "net/base/load_flags.h" | 31 #include "net/base/load_flags.h" |
| 27 #include "net/http/http_response_headers.h" | 32 #include "net/http/http_response_headers.h" |
| 28 #include "net/url_request/url_request_context_getter.h" | 33 #include "net/url_request/url_request_context_getter.h" |
| 29 #include "net/url_request/url_request_status.h" | 34 #include "net/url_request/url_request_status.h" |
| 56 scoped_ptr<ClientReportPhishingRequestCallback> callback; | 61 scoped_ptr<ClientReportPhishingRequestCallback> callback; |
| 57 GURL phishing_url; | 62 GURL phishing_url; |
| 58 }; | 63 }; |
| 59 | 64 |
| 60 ClientSideDetectionService::CacheState::CacheState(bool phish, base::Time time) | 65 ClientSideDetectionService::CacheState::CacheState(bool phish, base::Time time) |
| 61 : is_phishing(phish), | 66 : is_phishing(phish), |
| 62 timestamp(time) {} | 67 timestamp(time) {} |
| 63 | 68 |
| 64 ClientSideDetectionService::ClientSideDetectionService( | 69 ClientSideDetectionService::ClientSideDetectionService( |
| 65 net::URLRequestContextGetter* request_context_getter) | 70 net::URLRequestContextGetter* request_context_getter) |
| 66 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)), | 71 : sb_service_(g_browser_process->safe_browsing_service()), |
| 72 ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)), |
| 67 request_context_getter_(request_context_getter) { | 73 request_context_getter_(request_context_getter) { |
| 74 InitializeAllowedFeatures(); |
| 68 registrar_.Add(this, content::NOTIFICATION_RENDERER_PROCESS_CREATED, | 75 registrar_.Add(this, content::NOTIFICATION_RENDERER_PROCESS_CREATED, |
| 69 NotificationService::AllSources()); | 76 NotificationService::AllSources()); |
| 70 } | 77 } |
| 71 | 78 |
| 72 ClientSideDetectionService::~ClientSideDetectionService() { | 79 ClientSideDetectionService::~ClientSideDetectionService() { |
| 73 method_factory_.RevokeAll(); | 80 method_factory_.RevokeAll(); |
| 74 STLDeleteContainerPairPointers(client_phishing_reports_.begin(), | 81 STLDeleteContainerPairPointers(client_phishing_reports_.begin(), |
| 75 client_phishing_reports_.end()); | 82 client_phishing_reports_.end()); |
| 76 client_phishing_reports_.clear(); | 83 client_phishing_reports_.clear(); |
| 77 } | 84 } |
| 230 model_max_age_.reset(); | 237 model_max_age_.reset(); |
| 231 | 238 |
| 232 // Schedule the next model reload. | 239 // Schedule the next model reload. |
| 233 MessageLoop::current()->PostDelayedTask( | 240 MessageLoop::current()->PostDelayedTask( |
| 234 FROM_HERE, | 241 FROM_HERE, |
| 235 method_factory_.NewRunnableMethod( | 242 method_factory_.NewRunnableMethod( |
| 236 &ClientSideDetectionService::StartFetchModel), | 243 &ClientSideDetectionService::StartFetchModel), |
| 237 delay_ms); | 244 delay_ms); |
| 238 } | 245 } |
| 239 | 246 |
| 247 void ClientSideDetectionService::SanitizeRequestForPingback( |
| 248 const ClientPhishingRequest& full_request, |
| 249 ClientPhishingRequest* sanitized_request) { |
| 250 DCHECK(full_request.IsInitialized()); |
| 251 sanitized_request->Clear(); |
| 252 if (full_request.has_suffix_prefix_hash()) { |
| 253 sanitized_request->set_suffix_prefix_hash( |
| 254 full_request.suffix_prefix_hash()); |
| 255 } |
| 256 sanitized_request->set_client_score(full_request.client_score()); |
| 257 if (full_request.has_is_phishing()) { |
| 258 sanitized_request->set_is_phishing(full_request.is_phishing()); |
| 259 } |
| 260 |
| 261 for (int i = 0; i < full_request.feature_map_size(); ++i) { |
| 262 const ClientPhishingRequest_Feature& feature = full_request.feature_map(i); |
| 263 if (allowed_features_.find(feature.name()) != allowed_features_.end()) { |
| 264 sanitized_request->add_feature_map()->CopyFrom(feature); |
| 265 } |
| 266 } |
| 267 |
| 268 if (full_request.has_model_version()) { |
| 269 sanitized_request->set_model_version(full_request.model_version()); |
| 270 } |
| 271 |
| 272 for (int i = 0; i < full_request.non_model_feature_map_size(); ++i) { |
| 273 const ClientPhishingRequest_Feature& feature = |
| 274 full_request.non_model_feature_map(i); |
| 275 if (allowed_features_.find(feature.name()) != allowed_features_.end()) { |
| 276 sanitized_request->add_non_model_feature_map()->CopyFrom(feature); |
| 277 } |
| 278 } |
| 279 } |
| 280 |
| 240 void ClientSideDetectionService::StartClientReportPhishingRequest( | 281 void ClientSideDetectionService::StartClientReportPhishingRequest( |
| 241 ClientPhishingRequest* verdict, | 282 ClientPhishingRequest* verdict, |
| 242 ClientReportPhishingRequestCallback* callback) { | 283 ClientReportPhishingRequestCallback* callback) { |
| 243 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 284 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 244 scoped_ptr<ClientPhishingRequest> request(verdict); | 285 scoped_ptr<ClientPhishingRequest> request(verdict); |
| 245 scoped_ptr<ClientReportPhishingRequestCallback> cb(callback); | 286 scoped_ptr<ClientReportPhishingRequestCallback> cb(callback); |
| 246 | 287 |
| 288 // Create the version of the request proto that we'll send over the network. |
| 289 ClientPhishingRequest request_to_send; |
| 290 if (sb_service_ && sb_service_->CanReportStats()) { |
| 291 request_to_send.CopyFrom(*request); |
| 292 } else { |
| 293 SanitizeRequestForPingback(*request, &request_to_send); |
| 294 } |
| 295 |
| 247 std::string request_data; | 296 std::string request_data; |
| 248 if (!request->SerializeToString(&request_data)) { | 297 if (!request_to_send.SerializeToString(&request_data)) { |
| 249 UMA_HISTOGRAM_COUNTS("SBClientPhishing.RequestNotSerialized", 1); | 298 UMA_HISTOGRAM_COUNTS("SBClientPhishing.RequestNotSerialized", 1); |
| 250 VLOG(1) << "Unable to serialize the CSD request. Proto file changed?"; | 299 VLOG(1) << "Unable to serialize the CSD request. Proto file changed?"; |
| 251 if (cb.get()) { | 300 if (cb.get()) { |
| 252 cb->Run(GURL(request->url()), false); | 301 cb->Run(GURL(request->url()), false); |
| 253 } | 302 } |
| 254 return; | 303 return; |
| 255 } | 304 } |
| 256 | 305 |
| 257 URLFetcher* fetcher = URLFetcher::Create(0 /* ID is not used */, | 306 URLFetcher* fetcher = URLFetcher::Create(0 /* ID is not used */, |
| 258 GURL(kClientReportPhishingUrl), | 307 GURL(kClientReportPhishingUrl), |
| 428 private_networks_.push_back(std::make_pair(ip_number, prefix_length)); | 477 private_networks_.push_back(std::make_pair(ip_number, prefix_length)); |
| 429 } else { | 478 } else { |
| 430 DLOG(FATAL) << "Unable to parse IP address range: " | 479 DLOG(FATAL) << "Unable to parse IP address range: " |
| 431 << kPrivateNetworks[i]; | 480 << kPrivateNetworks[i]; |
| 432 return false; | 481 return false; |
| 433 } | 482 } |
| 434 } | 483 } |
| 435 return true; | 484 return true; |
| 436 } | 485 } |
| 437 | 486 |
| 487 void ClientSideDetectionService::InitializeAllowedFeatures() { |
| 488 static const char* const kAllowedFeatures[] = { |
| 489 // Renderer (model) features. |
| 490 features::kUrlHostIsIpAddress, |
| 491 features::kUrlNumOtherHostTokensGTOne, |
| 492 features::kUrlNumOtherHostTokensGTThree, |
| 493 features::kPageHasForms, |
| 494 features::kPageActionOtherDomainFreq, |
| 495 features::kPageHasTextInputs, |
| 496 features::kPageHasPswdInputs, |
| 497 features::kPageHasRadioInputs, |
| 498 features::kPageHasCheckInputs, |
| 499 features::kPageExternalLinksFreq, |
| 500 features::kPageSecureLinksFreq, |
| 501 features::kPageNumScriptTagsGTOne, |
| 502 features::kPageNumScriptTagsGTSix, |
| 503 features::kPageImgOtherDomainFreq, |
| 504 // Browser (non-model) features. |
| 505 features::kUrlHistoryVisitCount, |
| 506 features::kUrlHistoryTypedCount, |
| 507 features::kUrlHistoryLinkCount, |
| 508 features::kUrlHistoryVisitCountMoreThan24hAgo, |
| 509 features::kHttpHostVisitCount, |
| 510 features::kHttpsHostVisitCount, |
| 511 features::kFirstHttpHostVisitMoreThan24hAgo, |
| 512 features::kFirstHttpsHostVisitMoreThan24hAgo, |
| 513 features::kHasSSLReferrer, |
| 514 features::kPageTransitionType, |
| 515 features::kIsFirstNavigation, |
| 516 features::kSafeBrowsingIsSubresource, |
| 517 features::kSafeBrowsingThreatType, |
| 518 }; |
| 519 |
| 520 for (size_t i = 0; i < arraysize(kAllowedFeatures); ++i) { |
| 521 allowed_features_.insert(kAllowedFeatures[i]); |
| 522 } |
| 523 } |
| 524 |
| 438 // static | 525 // static |
| 439 void ClientSideDetectionService::SetBadSubnets(const ClientSideModel& model, | 526 void ClientSideDetectionService::SetBadSubnets(const ClientSideModel& model, |
| 440 BadSubnetMap* bad_subnets) { | 527 BadSubnetMap* bad_subnets) { |
| 441 bad_subnets->clear(); | 528 bad_subnets->clear(); |
| 442 for (int i = 0; i < model.bad_subnet_size(); ++i) { | 529 for (int i = 0; i < model.bad_subnet_size(); ++i) { |
| 443 int size = model.bad_subnet(i).size(); | 530 int size = model.bad_subnet(i).size(); |
| 444 if (size < 0 || size > static_cast<int>(net::kIPv6AddressSize) * 8) { | 531 if (size < 0 || size > static_cast<int>(net::kIPv6AddressSize) * 8) { |
| 445 DLOG(ERROR) << "Invalid bad subnet size: " << size; | 532 DLOG(ERROR) << "Invalid bad subnet size: " << size; |
| 446 continue; | 533 continue; |
| 447 } | 534 } |
| 480 } | 567 } |
| 481 } | 568 } |
| 482 for (int i = 0; i < model.page_word_size(); ++i) { | 569 for (int i = 0; i < model.page_word_size(); ++i) { |
| 483 if (model.page_word(i) < 0 || model.page_word(i) > max_index) { | 570 if (model.page_word(i) < 0 || model.page_word(i) > max_index) { |
| 484 return false; | 571 return false; |
| 485 } | 572 } |
| 486 } | 573 } |
| 487 return true; | 574 return true; |
| 488 } | 575 } |
| 489 } // namespace safe_browsing | 576 } // namespace safe_browsing |
| OLD | NEW |
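Review bot: The new constructor initializer `sb_service_(g_browser_process->safe_browsing_service())` dereferences `g_browser_process` without a check, even though `StartClientReportPhishingRequest` already treats a null `sb_service_` as "send the sanitized request". If this service can be constructed where `g_browser_process` is null (unit tests are the usual case; not visible on this page), a guard keeps that fail-closed path reachable instead of crashing: `sb_service_(g_browser_process ? g_browser_process->safe_browsing_service() : NULL),`. The declaration of `sb_service_` is not shown here; if it is a raw pointer, its lifetime relative to this service deserves a line in the header. Separately, `kAllowedFeatures` in `InitializeAllowedFeatures` is the privacy boundary for users who have not opted in to stats reporting, so I would add a comment above it such as `// Exact-match names only; never list a feature whose name embeds URL or page content.`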