Chromium Code Reviews Chromium Code Reviews
Issue 7792004:
Parse the whitelist expressions from the phishing verdict response if (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/client_side_detection_service.h" | 5 #include "chrome/browser/safe_browsing/client_side_detection_service.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/time.h" | 9 #include "base/time.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 396 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 407 const net::ResponseCookies& cookies, | 407 const net::ResponseCookies& cookies, |
| 408 const std::string& data) { | 408 const std::string& data) { |
| 409 ClientPhishingResponse response; | 409 ClientPhishingResponse response; |
| 410 scoped_ptr<ClientReportInfo> info(client_phishing_reports_[source]); | 410 scoped_ptr<ClientReportInfo> info(client_phishing_reports_[source]); |
| 411 bool is_phishing = false; | 411 bool is_phishing = false; |
| 412 if (status.is_success() && RC_REQUEST_OK == response_code && | 412 if (status.is_success() && RC_REQUEST_OK == response_code && |
| 413 response.ParseFromString(data)) { | 413 response.ParseFromString(data)) { |
| 414 // Cache response, possibly flushing an old one. | 414 // Cache response, possibly flushing an old one. |
| 415 cache_[info->phishing_url] = | 415 cache_[info->phishing_url] = |
| 416 make_linked_ptr(new CacheState(response.phishy(), base::Time::Now())); | 416 make_linked_ptr(new CacheState(response.phishy(), base::Time::Now())); |
| 417 is_phishing = response.phishy(); | 417 is_phishing = (response.phishy() && |
| 418 !IsFalsePositiveResponse(info->phishing_url, response)); | |
| 418 } else { | 419 } else { |
| 419 DLOG(ERROR) << "Unable to get the server verdict for URL: " | 420 DLOG(ERROR) << "Unable to get the server verdict for URL: " |
| 420 << info->phishing_url << " status: " << status.status() << " " | 421 << info->phishing_url << " status: " << status.status() << " " |
| 421 << "response_code:" << response_code; | 422 << "response_code:" << response_code; |
| 422 } | 423 } |
| 423 if (info->callback.get()) { | 424 if (info->callback.get()) { |
| 424 info->callback->Run(info->phishing_url, is_phishing); | 425 info->callback->Run(info->phishing_url, is_phishing); |
| 425 } | 426 } |
| 426 client_phishing_reports_.erase(source); | 427 client_phishing_reports_.erase(source); |
| 427 delete source; | 428 delete source; |
| (...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 601 return false; | 602 return false; |
| 602 } | 603 } |
| 603 } | 604 } |
| 604 for (int i = 0; i < model.page_word_size(); ++i) { | 605 for (int i = 0; i < model.page_word_size(); ++i) { |
| 605 if (model.page_word(i) < 0 || model.page_word(i) > max_index) { | 606 if (model.page_word(i) < 0 || model.page_word(i) > max_index) { |
| 606 return false; | 607 return false; |
| 607 } | 608 } |
| 608 } | 609 } |
| 609 return true; | 610 return true; |
| 610 } | 611 } |
| 612 | |
| 613 // static | |
| 614 bool ClientSideDetectionService::IsFalsePositiveResponse( | |
| 615 const GURL& url, | |
| 616 const ClientPhishingResponse& response) { | |
| 617 if (!response.phishy() || response.whitelist_expression_size() == 0) { | |
| 618 return false; | |
| 619 } | |
| 620 // This whitelist is special. A particular URL gets whitelisted if it | |
| 621 // matches any of the expressions on the whitelist or if any of the whitelist | |
| 622 // entries matches the URL. | |
| 623 | |
| 624 std::string host, path, query; | |
| 625 safe_browsing_util::CanonicalizeUrl(url, &host, &path, &query); | |
| 626 std::string canonical_url = host + path + query; | |
|
Brian Ryner
2011/08/31 00:16:33
Maybe call this canonical_url_as_pattern or someth
noelutz
2011/08/31 00:53:50
Done.
| |
| 627 | |
| 628 std::vector<std::string> url_patterns; | |
| 629 safe_browsing_util::GeneratePatternsToCheck(url, &url_patterns); | |
| 630 | |
| 631 for (int i = 0; i < response.whitelist_expression_size(); ++i) { | |
| 632 GURL whitelisted_url = GURL(std::string("http://") + | |
|
Brian Ryner
2011/08/31 00:16:33
Can't you just do:
GURL whitelisted_url(std::stri
noelutz
2011/08/31 00:53:50
Done.
| |
| 633 response.whitelist_expression(i)); | |
| 634 if (!whitelisted_url.is_valid()) { | |
| 635 continue; // Skip invalid whitelist expressions. | |
|
Brian Ryner
2011/08/31 00:16:33
We never expect this to happen, right? I wonder i
noelutz
2011/08/31 00:53:50
Done.
| |
| 636 } | |
| 637 // First, we check whether the canonical URL matches any of the whitelisted | |
| 638 // expressions. | |
| 639 for (size_t j = 0; j < url_patterns.size(); ++j) { | |
| 640 if (url_patterns[j] == response.whitelist_expression(i)) { | |
| 641 return true; | |
| 642 } | |
| 643 } | |
| 644 // Second, we consider the canonical URL as an expression and we check | |
| 645 // whether any of the whitelist entries matches that expression. | |
| 646 std::vector<std::string> whitelist_patterns; | |
| 647 safe_browsing_util::GeneratePatternsToCheck(whitelisted_url, | |
| 648 &whitelist_patterns); | |
| 649 for (size_t j = 0; j < whitelist_patterns.size(); ++j) { | |
| 650 if (whitelist_patterns[j] == canonical_url) { | |
| 651 return true; | |
| 652 } | |
| 653 } | |
| 654 } | |
| 655 return false; | |
| 656 } | |
| 611 } // namespace safe_browsing | 657 } // namespace safe_browsing |
| OLD | NEW |
