Chromium Code Reviews Chromium Code Reviews
Issue 1024943002:
Add domain request detection to incident reporting service. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/safe_browsing/incident_reporting/script_request_detector.cc |
| diff --git a/chrome/browser/safe_browsing/incident_reporting/script_request_detector.cc b/chrome/browser/safe_browsing/incident_reporting/script_request_detector.cc |
| index f4d5759133edd70b6519428d50401e9f530783fe..b48b85688cce169f9152b7ef71f06fbb3670bbb1 100644 |
| --- a/chrome/browser/safe_browsing/incident_reporting/script_request_detector.cc |
| +++ b/chrome/browser/safe_browsing/incident_reporting/script_request_detector.cc |
| @@ -5,6 +5,7 @@ |
| #include "chrome/browser/safe_browsing/incident_reporting/script_request_detector.h" |
| #include "chrome/browser/profiles/profile.h" |
| +#include "chrome/browser/safe_browsing/incident_reporting/domain_request_incident.h" |
| #include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h" |
| #include "chrome/browser/safe_browsing/incident_reporting/script_request_incident.h" |
| #include "chrome/common/safe_browsing/csd.pb.h" |
| @@ -19,7 +20,7 @@ |
| namespace { |
| -const char* const kHashes[] = { |
| +const char* const kScriptHashes[] = { |
| "\x2b\x45\xc0\xda\x79\x4c\x65\x19\x4d\x78\x98\x85\x6c\xe8\xbd\x95" |
| "\xf5\x9a\x5a\xf4\x4e\xf9\x9f\x4f\x93\x35\x3b\xa8\x52\xc0\x02\xfb", |
| "\x05\xce\x5b\xda\xff\x28\x17\xf9\xc9\x38\x62\x6a\x39\x1b\x76\x56" |
| @@ -100,6 +101,113 @@ const char* const kHashes[] = { |
| "\x70\x03\x72\xea\xa8\x68\xdc\x95\x43\x6d\xdf\x40\x26\x58\xde\xe6", |
| }; |
| +const char* const kDomainHashes[] = { |
| + "\x1e\x11\x37\x30\xc2\x8a\xf5\xde\xac\x4c\xf3\x6b\x45\xbf\xc2\x64" |
| + "\x86\x73\x44\xad\xb5\x81\xb0\xc8\x54\x58\x6e\x6b\x6f\x92\x50\xc9", |
| + "\xac\xc0\x51\x88\x40\xfe\xdd\x9b\x02\x5b\x58\x8a\xe7\x19\x58\xaa" |
| + "\x45\xb9\x19\x7e\x8a\xf0\xd0\xa8\x2a\x53\x6e\xc4\x38\x31\xc9\x96", |
| + "\x2b\xbe\xdf\x89\x33\x2c\xe4\xc7\xcf\xca\x65\xfb\x91\x1c\x9d\x3a" |
| + "\x4e\x51\xbe\x56\xe3\xfa\x2c\x32\x78\x6b\x90\x03\x68\xf4\x3f\xc5", |
| + "\x5b\x81\x16\xa0\xce\xa4\x6d\x57\xbd\x38\x7f\xd0\x85\x25\x59\x53" |
| + "\xaf\x46\xf8\x24\x44\xde\x6e\x3e\x24\x96\x97\x9a\x7c\x53\xbc\xdf", |
| + "\x07\x9e\x8d\xe6\x1e\x5e\xb8\x35\x24\x84\x0f\xd9\x08\x2a\x99\xf3" |
| + "\x28\x73\xac\x7b\x67\x01\x33\xa3\x49\xf8\xad\xb7\xef\xc6\xb4\xb8", |
| + "\x9e\xb5\x08\x1e\x63\x1a\x76\xb1\x32\x6f\xf1\xf7\xad\x31\xbf\xf8" |
| + "\xa1\x65\x4a\x90\x6d\x08\xc5\xb4\xca\xb5\x7a\x83\xc9\xbf\x2f\xcc", |
| + "\x8e\xc5\xf8\x8f\x1e\x16\x5a\x6c\x32\x89\x03\xca\x57\xd2\x5b\xda" |
| + "\x90\xac\x27\x87\x8d\x31\x0d\x3e\xae\x23\xa9\xfd\x90\x3a\xca\x44", |
| + "\xae\xad\x0e\x56\xa8\x15\x77\xfd\x7e\x57\x31\x73\x09\xd0\x64\x17" |
| + "\x39\xdb\x81\x5f\x21\x9a\x68\x7c\x93\x31\xd6\x08\x44\x9e\xe0\x8c", |
| + "\xe9\x50\x69\xc7\xfe\xd2\x6b\xc6\x07\xd5\x0e\x4d\x66\x0f\xf7\x7e" |
| + "\xc8\xdd\xb8\xba\xdd\x77\x24\x50\x22\x4a\xfe\xb0\x17\x6c\x97\x70", |
| + "\x2a\xa2\xd3\xaa\x45\x98\xf7\x02\x21\x25\xc0\xe2\x8d\x56\x57\xe5" |
| + "\xc5\x50\x63\x86\x1a\x31\xfd\xae\x68\x63\x68\x60\x97\xaf\x70\xb9", |
| + "\xb3\xc9\x4e\x79\x0b\x34\xec\x92\xba\x62\x6d\x0a\x1a\xe8\xb8\xed" |
| + "\xf6\x32\xb6\x46\xeb\x48\x12\xa2\x7c\x97\x8c\x01\x5f\xab\x00\xf1", |
| + "\xb1\x46\x39\xdc\x41\x12\xdf\x27\x41\x20\x0c\x29\x34\xc0\x76\x3f" |
| + "\xdc\xfa\x19\x4d\x76\xfe\x7b\xce\x0e\x22\x00\x36\x0d\xc8\xaa\x61", |
| + "\xfb\x3a\xc8\xdc\x0e\x89\xa0\x6a\xf5\xe4\x6d\x8b\x47\x05\xdb\x0b" |
| + "\x27\xeb\x15\x41\x14\xdc\xbc\xa1\x3a\x63\x10\xc2\xb6\x28\xcd\xc9", |
| + "\x98\xa0\x19\x03\x97\x3b\xee\x5b\x7d\x11\xde\xa4\xd2\x07\x58\xa0" |
| + "\x5d\x4a\x45\x85\x95\x5d\xd5\x82\x74\x12\x64\xbf\x7a\x3d\x84\x84", |
| + "\xc9\x05\x29\x1e\x3f\x37\x68\x4a\xac\x50\x36\x0b\xc8\x31\x4d\x5c" |
| + "\xa7\x3b\x3d\x5c\x1b\xeb\xd3\xcc\xbb\x9e\x74\x64\x69\x42\x23\x6c", |
| + "\xe9\x68\xe5\x82\xc8\xb6\x78\xc4\xb2\xcc\xfa\xa2\xd2\x6c\x58\x89" |
| + "\x59\x41\xee\x98\x25\x64\xd4\x12\x59\x81\x2c\xea\xa6\xd3\x23\xd8", |
| + "\x7f\xd8\x3f\x84\x70\xfd\x08\x9b\xe6\x66\x65\x77\x4a\x0e\x20\x25" |
| + "\xc9\x9a\xc0\x6c\x12\x82\x00\x08\x4a\x62\xe8\x1c\xa7\xb3\x90\x07", |
| + "\xaa\x45\x3b\x66\xab\x46\x95\x21\x92\x5f\x7c\xc3\xab\xa3\x3e\x5e" |
| + "\x23\x14\x4a\x50\xfa\x5d\xb8\xf5\x25\x29\x42\x23\x6c\x23\x95\xeb", |
| + "\xf9\xcf\x8a\x1c\xc0\x7f\x38\x8d\x20\x5d\xe9\x88\x00\xdf\x6b\xb3" |
| + "\xc4\x39\xa4\x4f\x61\x65\x6e\x43\x35\x54\x2c\x15\x50\xc3\xa3\x21", |
| + "\xc4\x1b\x1a\x9d\xdd\x18\xd3\xb7\xdd\x2c\x02\x07\xfd\x63\x3b\x53" |
| + "\x7b\xe0\x1d\x17\xcf\x15\xc9\x25\xa8\x76\xd1\x41\x9e\x62\x34\x0a", |
| + "\xc3\xeb\x5e\x05\x55\x1e\x63\xe9\x6e\xa7\x98\x92\xd7\x3b\x45\xe1" |
| + "\x5f\xbc\xc4\xf0\x2f\xb1\x9f\xbf\x4b\x1f\xe5\xdd\xde\x76\x2a\x77", |
| + "\xfc\xd4\xa8\x97\x50\x0d\xba\x15\xac\x3c\x2b\x6e\x2b\x79\x93\xcd" |
| + "\x18\x1a\xb1\xad\x32\x04\x27\x01\x39\xf7\x6d\x7a\x39\xb5\x92\x35", |
| + "\x97\x94\xec\x59\x45\xd8\xfe\xa3\x73\x1f\x03\xe6\xb2\xfc\x2e\xe8" |
| + "\xf7\x95\xe3\xaf\x8f\x97\x01\x6f\xef\x6b\x7b\xee\x41\x5e\x27\x7e", |
| + "\x75\xc1\x70\x94\x68\xf6\xcc\x07\xb7\xbe\x0b\x84\x0c\x64\xa8\x47" |
| + "\x4e\xea\x7f\x75\x3b\xcb\x28\x39\xab\xe5\x14\x8a\xb4\x5a\x38\xb2", |
| + "\x94\x48\xfd\x84\x30\xba\x7d\x81\x04\xdc\xbb\x16\xa1\x06\xa9\xe4" |
| + "\xb1\xa7\xff\xc5\x13\x22\xed\x4e\x05\xfe\xf9\xb8\x69\xfe\x23\xd4", |
| + "\xb5\x32\x33\x46\x6c\x29\xe2\x74\xa6\x63\x60\x70\xdb\x20\x15\x12" |
| + "\x0a\x67\xf0\x3a\xad\xf9\x0c\x33\x91\x4c\x90\x5c\x55\x92\x1f\xf8", |
| + "\x16\xe6\x9c\xdf\xa2\x18\x13\x60\xe4\x2b\xb3\x07\x29\xa8\xd8\x1b" |
| + "\xc5\xa8\xd1\x85\x42\x67\x57\x81\x55\x34\x97\x1d\x8c\xe9\xee\xb7", |
| + "\x28\x3f\x74\x64\xb2\x15\xfc\x1b\x75\xcd\x69\x88\x04\x1b\x27\x62" |
| + "\xd0\xc2\xdc\xbe\x31\xbe\xb5\x30\xa3\x6e\x01\xdd\x0f\x4e\x31\x2b", |
| + "\x75\xc2\x30\x5b\xa3\x9b\xff\x0d\xdc\x75\xdf\x20\x8e\xa1\xe6\x5c" |
| + "\x17\xab\xf0\x58\x06\xf3\xda\x9f\xa5\xaa\x98\xfe\x1a\x7e\x74\x2b", |
| + "\x3c\xc1\x60\xc5\xd0\x56\x0d\x08\xd5\x19\xbf\x08\x51\x18\x9b\xc8" |
| + "\xdd\x8d\x58\x5f\x1d\x75\x88\x14\x73\x8c\xda\x66\x12\x94\x8a\xeb", |
| + "\x54\xba\x7d\x21\x4e\x4e\xc2\xf3\x37\x37\x86\xcd\xbe\x7b\x89\x42" |
| + "\xa9\x7b\x3b\xec\x69\x49\x6c\x1c\x58\xb8\x4d\xe8\x06\x1c\x88\x37", |
| + "\x62\xef\x4d\x5f\xa4\x64\x80\xd6\x97\xd2\xd0\xbd\x31\x30\x03\x5f" |
| + "\x22\x37\x8d\x48\xdd\x8a\xb2\xf0\xe3\x57\x35\x98\x37\x70\x32\x25", |
| + "\x23\x93\xc0\xa1\xd4\x27\xbd\x64\x65\x86\xe1\xa4\x86\x99\x99\x47" |
| + "\x89\xf9\x69\xe2\xba\xce\x7c\x42\xc7\x5d\xbc\xe9\x14\x73\x1c\x8d", |
| + "\x10\xe5\x75\x6d\x09\x43\xb3\xca\x0d\x1b\x78\xd1\xc2\x1a\xe5\xc0" |
| + "\xd8\x29\x57\x86\x87\xe3\x43\x95\x87\xf6\x92\x83\x5e\x08\x4f\x7a", |
| + "\x1c\xf9\xec\x01\x62\xbe\x78\x9b\x0e\x42\x3b\x7e\x70\x47\x27\x46" |
| + "\x34\x52\x6e\x45\x1b\x60\x6e\xaf\xcb\x74\x8e\xdd\xbd\xe3\x4f\x5a", |
| + "\x62\x02\x40\x4d\x50\xd8\x2a\xd0\x67\xdc\xb5\xc7\xfc\x13\xe9\x66" |
| + "\x6a\x14\x33\x7e\xef\xf7\x20\x83\x4c\xf6\x32\xf4\x7a\x75\x32\xa1", |
| + "\x35\x89\xab\x5d\xeb\xd5\x4c\x3a\x0f\x34\xeb\x35\x39\x9d\x51\xda" |
| + "\x7c\x98\x40\xb7\xd4\xca\x5b\x5e\x3f\x82\x22\xbb\xd6\x56\x42\x78", |
| + "\x30\x91\xf8\x24\xa3\xb6\x66\xb0\xc5\xe6\xe0\xfc\xa8\xfc\x2c\x9f" |
| + "\x53\x09\x3f\xe5\x4f\x19\xab\xae\x09\xbc\x40\xa9\xd1\x37\x8e\x84", |
| + "\xfa\x5a\x2f\xf0\xb0\x3e\x81\xbb\x7b\x4b\xc0\xf0\x67\xf1\xbe\x9d" |
| + "\x86\x87\x51\xe6\x72\x34\x70\x02\xc2\xec\xb5\x66\xe7\xd1\x4d\x55", |
| + "\x10\x24\x54\x8f\xe4\x06\x49\x6b\x0f\xcf\x95\x5c\xf9\xa6\xdc\xa9" |
| + "\xc0\x7d\xda\xda\x78\x21\x57\x40\xdb\xb3\x54\x5f\x3b\x53\x48\xee", |
| + "\xf7\xf2\x47\x19\x6e\x7d\x14\x08\x4b\xf3\x6f\x5c\x40\x19\x11\x54" |
| + "\x68\xa5\x0d\xde\x6e\xba\x5e\x1b\x34\x04\x72\x41\x55\x31\xb1\x18", |
| + "\xb6\xfa\x48\xa8\xd7\x20\xde\x56\x8c\x90\x81\xac\xaf\xd8\xf2\xe6" |
| + "\xab\x56\xbb\x64\x1e\xbc\x93\x56\x3f\xce\xac\xd9\xa7\x4d\xa8\x40", |
| + "\xfb\x8b\x14\x2e\xa8\x6a\x77\xaf\x7c\x13\x8a\x38\x6b\xd9\xf1\xc8" |
| + "\x87\x63\x8d\x00\xe4\xac\xf2\x11\x4a\x1f\x39\x57\x1f\xa6\xca\xdf", |
| + "\xba\xad\xe8\xdb\x70\x80\x8d\xbd\x3c\xc7\x6b\xd6\x02\x6a\x41\x40" |
| + "\x62\x45\x7b\x18\x65\x94\xf3\x56\xc5\x24\x1e\xcb\x81\x8d\x45\x09", |
| + "\x8f\xd5\xf8\xd3\x29\x82\x94\x51\xa8\xe6\x3a\x9d\x3a\xc7\x51\xe1" |
| + "\xd3\x54\x32\xcb\x2c\x20\x98\x5a\x70\x04\x18\xfd\x49\x75\x85\x6e", |
| + "\x90\x73\x6e\x8e\xe9\x75\xdf\xc6\x7e\xe7\x00\xe4\x4d\xc7\x0f\x04" |
| + "\xe6\x58\x78\xa3\xbc\x98\x22\xb9\x38\xe0\xf0\x67\xe2\xa9\x8e\x1f", |
| + "\x99\x3b\x39\x8e\x69\x7f\x28\xfd\x09\x8d\xc9\xed\xf9\x57\x0e\x41" |
| + "\x1b\x41\x48\x40\x37\xf4\x77\xd3\x07\xbd\x82\xc6\xda\x16\xa8\xec", |
| + "\x6d\x57\xf2\xd8\xf9\x6a\x82\x76\x1d\xb6\x8a\xe8\xb6\x3a\xcc\xd4" |
| + "\x30\x59\xdd\xa6\x18\x64\xac\xd9\x83\x80\x7c\x75\x7a\xdf\x20\xfe", |
| + "\x33\x5a\x23\xb0\xde\xd3\x7f\xc2\x96\xb7\x2e\xd4\x8a\xdc\x65\x0e" |
| + "\xe6\x95\x6b\x41\xf0\xfe\xa0\xdf\xdf\x28\x73\xce\x6e\x1d\x79\x2d", |
| + "\x13\xe3\xbc\x23\xb3\xf2\x10\x76\x10\xe8\x83\x8b\x83\xf0\x5e\x8d" |
| + "\x4a\x8e\xf3\x98\x4d\x05\x03\x53\x69\xe0\xc0\x21\x9f\x69\x3f\x77", |
| + "\xba\x88\x57\x60\x31\x4c\xd9\x6b\x21\x3e\xa3\x88\xe7\x45\x6c\x41" |
| + "\x91\x66\xf2\x08\xd0\x89\xe6\x39\x68\x6c\xb8\x7a\xd7\x7d\x9f\x76", |
| + "\xcd\xd5\x93\x5a\xe2\xdb\xf3\x63\xeb\xfd\xd0\x88\x49\x7d\xf6\x29" |
| + "\xbf\x1f\xee\x3a\xda\xa1\x95\x38\x4d\xc3\x91\x21\xce\x01\xd1\x8d", |
| +}; |
| + |
| Profile* GetProfileForRenderProcessId(int render_process_id) { |
| // How to get a profile from a RenderProcess id: |
| // 1) Get the RenderProcessHost |
| @@ -134,7 +242,7 @@ ScriptRequestDetector::ScriptRequestDetector( |
| : incident_receiver_(incident_receiver.Pass()), |
| allow_null_profile_for_testing_(false), |
| weak_ptr_factory_(this) { |
| - InitializeScriptSet(); |
| + InitializeHashSets(); |
| } |
| ScriptRequestDetector::~ScriptRequestDetector() { |
| @@ -145,6 +253,42 @@ void ScriptRequestDetector::OnResourceRequest(const net::URLRequest* request) { |
| if (!request->url().SchemeIsHTTPOrHTTPS()) |
| return; |
| + DetectDomainRequests(request); |
| + DetectScriptRequests(request); |
| +} |
| + |
| +void ScriptRequestDetector::DetectDomainRequests( |
| + const net::URLRequest* request) { |
| + std::string domain(request->url().host()); |
| + std::string domain_digest(crypto::kSHA256Length, '\0'); |
| + crypto::SHA256HashString(domain.c_str(), &domain_digest[0], |
|
grt (UTC plus 2)
2015/03/20 20:50:04
use request->url().host() directly here
romanl
2015/03/26 22:01:47
Done.
|
| + crypto::kSHA256Length); |
| + |
| + if (domain_set_.count(domain_digest)) { |
| + DVLOG(1) << "Domain detector match found."; |
| + |
| + scoped_ptr<ClientIncidentReport_IncidentData_DomainRequestIncident> |
| + incident_data( |
| + new ClientIncidentReport_IncidentData_DomainRequestIncident()); |
| + incident_data->set_domain_digest(domain_digest); |
| + |
| + // This next bit of work needs a profile, so has to happen on the UI |
| + // thread. |
| + int render_process_id = 0; |
| + int render_frame_id = 0; |
| + content::ResourceRequestInfo::GetRenderFrameForRequest( |
| + request, &render_process_id, &render_frame_id); |
| + |
| + content::BrowserThread::PostTask( |
| + content::BrowserThread::UI, FROM_HERE, |
| + base::Bind(&ScriptRequestDetector::ReportDomainIncidentOnUIThread, |
| + weak_ptr_factory_.GetWeakPtr(), render_process_id, |
| + render_frame_id, base::Passed(&incident_data))); |
| + } |
| +} |
| + |
| +void ScriptRequestDetector::DetectScriptRequests( |
| + const net::URLRequest* request) { |
| const content::ResourceRequestInfo* request_info = |
| content::ResourceRequestInfo::ForRequest(request); |
| @@ -175,7 +319,7 @@ void ScriptRequestDetector::OnResourceRequest(const net::URLRequest* request) { |
| content::BrowserThread::PostTask( |
| content::BrowserThread::UI, FROM_HERE, |
| - base::Bind(&ScriptRequestDetector::ReportIncidentOnUIThread, |
| + base::Bind(&ScriptRequestDetector::ReportScriptIncidentOnUIThread, |
| weak_ptr_factory_.GetWeakPtr(), render_process_id, |
| render_frame_id, base::Passed(&incident_data))); |
| } |
| @@ -186,14 +330,37 @@ void ScriptRequestDetector::set_allow_null_profile_for_testing( |
| allow_null_profile_for_testing_ = allow_null_profile_for_testing; |
| } |
| -void ScriptRequestDetector::InitializeScriptSet() { |
| +void ScriptRequestDetector::InitializeHashSets() { |
| // Store a hashed set of decoded string hashes. Probably slower than a linear |
| // search for this size list, but this is only temporary. |
| - for (const char* encoded_hash : kHashes) |
| + for (const char* encoded_hash : kScriptHashes) |
| script_set_.insert(std::string(encoded_hash, crypto::kSHA256Length)); |
| + |
| + for (const char* encoded_hash : kDomainHashes) |
| + domain_set_.insert(std::string(encoded_hash, crypto::kSHA256Length)); |
| +} |
| + |
| +void ScriptRequestDetector::ReportDomainIncidentOnUIThread( |
| + int render_process_id, |
| + int render_frame_id, |
| + scoped_ptr<ClientIncidentReport_IncidentData_DomainRequestIncident> |
| + incident_data) { |
| + DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| + |
| + Profile* profile = GetProfileForRenderProcessId(render_process_id); |
| + if (profile || allow_null_profile_for_testing_) { |
| + // Add the URL obtained from the RenderFrameHost, if available. |
| + GURL host_url = GetUrlForRenderFrameId(render_process_id, render_frame_id); |
| + if (host_url.is_valid()) |
| + incident_data->set_request_origin(host_url.GetOrigin().spec()); |
| + |
| + incident_receiver_->AddIncidentForProfile( |
| + profile, |
| + make_scoped_ptr(new DomainRequestIncident(incident_data.Pass()))); |
| + } |
| } |
| -void ScriptRequestDetector::ReportIncidentOnUIThread( |
| +void ScriptRequestDetector::ReportScriptIncidentOnUIThread( |
| int render_process_id, |
| int render_frame_id, |
| scoped_ptr<ClientIncidentReport_IncidentData_ScriptRequestIncident> |
