OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CHROME_BROWSER_POLICY_URL_BLACKLIST_MANAGER_H_ | |
6 #define CHROME_BROWSER_POLICY_URL_BLACKLIST_MANAGER_H_ | |
7 | |
8 #include <map> | |
9 #include <string> | |
10 | |
11 #include "base/basictypes.h" | |
12 #include "base/callback_forward.h" | |
13 #include "base/compiler_specific.h" | |
14 #include "base/containers/hash_tables.h" | |
15 #include "base/memory/ref_counted.h" | |
16 #include "base/memory/scoped_ptr.h" | |
17 #include "base/memory/weak_ptr.h" | |
18 #include "base/prefs/pref_change_registrar.h" | |
19 #include "components/url_matcher/url_matcher.h" | |
20 #include "url/gurl.h" | |
21 | |
22 class PrefService; | |
23 | |
24 namespace base { | |
25 class ListValue; | |
26 class SequencedTaskRunner; | |
27 } | |
28 | |
29 namespace net { | |
30 class URLRequest; | |
31 } | |
32 | |
33 namespace user_prefs { | |
34 class PrefRegistrySyncable; | |
35 } | |
36 | |
37 namespace policy { | |
38 | |
39 // Contains a set of filters to block and allow certain URLs, and matches GURLs | |
40 // against this set. The filters are currently kept in memory. | |
41 class URLBlacklist { | |
42 public: | |
43 // This is meant to be bound to URLFixerUpper::SegmentURL. See that function | |
44 // for documentation on the parameters and return value. | |
45 typedef std::string (*SegmentURLCallback)(const std::string&, | |
46 url_parse::Parsed*); | |
47 | |
48 explicit URLBlacklist(SegmentURLCallback segment_url); | |
49 virtual ~URLBlacklist(); | |
50 | |
51 // Allows or blocks URLs matching one of the filters, depending on |allow|. | |
52 void AddFilters(bool allow, const base::ListValue* filters); | |
53 | |
54 // URLs matching one of the |filters| will be blocked. The filter format is | |
55 // documented at | |
56 // http://www.chromium.org/administrators/url-blacklist-filter-format. | |
57 void Block(const base::ListValue* filters); | |
58 | |
59 // URLs matching one of the |filters| will be allowed. If a URL is both | |
60 // Blocked and Allowed, Allow takes precedence. | |
61 void Allow(const base::ListValue* filters); | |
62 | |
63 // Returns true if the URL is blocked. | |
64 bool IsURLBlocked(const GURL& url) const; | |
65 | |
66 // Returns the number of items in the list. | |
67 size_t Size() const; | |
68 | |
69 // Splits a URL filter into its components. A GURL isn't used because these | |
70 // can be invalid URLs e.g. "google.com". | |
71 // Returns false if the URL couldn't be parsed. | |
72 // The |host| is preprocessed so it can be passed to URLMatcher for the | |
73 // appropriate condition. | |
74 // The optional username and password are ignored. | |
75 // |match_subdomains| specifies whether the filter should include subdomains | |
76 // of the hostname (if it is one.) | |
77 // |port| is 0 if none is explicitly defined. | |
78 // |path| does not include query parameters. | |
79 static bool FilterToComponents(SegmentURLCallback segment_url, | |
80 const std::string& filter, | |
81 std::string* scheme, | |
82 std::string* host, | |
83 bool* match_subdomains, | |
84 uint16* port, | |
85 std::string* path); | |
86 | |
87 // Creates a condition set that can be used with the |url_matcher|. |id| needs | |
88 // to be a unique number that will be returned by the |url_matcher| if the URL | |
89 // matches that condition set. | |
90 static scoped_refptr<url_matcher::URLMatcherConditionSet> CreateConditionSet( | |
91 url_matcher::URLMatcher* url_matcher, | |
92 url_matcher::URLMatcherConditionSet::ID id, | |
93 const std::string& scheme, | |
94 const std::string& host, | |
95 bool match_subdomains, | |
96 uint16 port, | |
97 const std::string& path); | |
98 | |
99 private: | |
100 struct FilterComponents; | |
101 | |
102 // Returns true if |lhs| takes precedence over |rhs|. | |
103 static bool FilterTakesPrecedence(const FilterComponents& lhs, | |
104 const FilterComponents& rhs); | |
105 | |
106 SegmentURLCallback segment_url_; | |
107 url_matcher::URLMatcherConditionSet::ID id_; | |
108 std::map<url_matcher::URLMatcherConditionSet::ID, FilterComponents> filters_; | |
109 scoped_ptr<url_matcher::URLMatcher> url_matcher_; | |
110 | |
111 DISALLOW_COPY_AND_ASSIGN(URLBlacklist); | |
112 }; | |
113 | |
114 // Tracks the blacklist policies for a given profile, and updates it on changes. | |
115 // | |
116 // This class interacts with both the UI thread, where notifications of pref | |
117 // changes are received from, and the IO thread, which owns it (in the | |
118 // ProfileIOData) and checks for blacklisted URLs (from ChromeNetworkDelegate). | |
119 // | |
120 // It must be constructed on the UI thread, to set up |ui_weak_ptr_factory_| and | |
121 // the prefs listeners. | |
122 // | |
123 // ShutdownOnUIThread must be called from UI before destruction, to release | |
124 // the prefs listeners on the UI thread. This is done from ProfileIOData. | |
125 // | |
126 // Update tasks from the UI thread can post safely to the IO thread, since the | |
127 // destruction order of Profile and ProfileIOData guarantees that if this | |
128 // exists in UI, then a potential destruction on IO will come after any task | |
129 // posted to IO from that method on UI. This is used to go through IO before | |
130 // the actual update starts, and grab a WeakPtr. | |
131 class URLBlacklistManager { | |
132 public: | |
133 // Returns true if the blacklist should be skipped for |url|. | |
134 typedef bool (*SkipBlacklistCallback)(const GURL& url); | |
135 | |
136 // Must be constructed on the UI thread. | |
137 // |background_task_runner| is used to build the blacklist in a background | |
138 // thread. | |
139 // |io_task_runner| must be backed by the IO thread. | |
140 // |segment_url| is used to break a URL spec into its components. | |
141 URLBlacklistManager( | |
142 PrefService* pref_service, | |
143 const scoped_refptr<base::SequencedTaskRunner>& background_task_runner, | |
144 const scoped_refptr<base::SequencedTaskRunner>& io_task_runner, | |
145 URLBlacklist::SegmentURLCallback segment_url, | |
146 SkipBlacklistCallback skip_blacklist); | |
147 virtual ~URLBlacklistManager(); | |
148 | |
149 // Must be called on the UI thread, before destruction. | |
150 void ShutdownOnUIThread(); | |
151 | |
152 // Returns true if |url| is blocked by the current blacklist. Must be called | |
153 // from the IO thread. | |
154 bool IsURLBlocked(const GURL& url) const; | |
155 | |
156 // Returns true if |request| is blocked by the current blacklist. | |
157 // Only main frame and sub frame requests may be blocked; other sub resources | |
158 // or background downloads (e.g. extensions updates, sync, etc) are not | |
159 // filtered. The sync signin page is also not filtered. | |
160 // Must be called from the IO thread. | |
161 bool IsRequestBlocked(const net::URLRequest& request) const; | |
162 | |
163 // Replaces the current blacklist. Must be called on the IO thread. | |
164 // Virtual for testing. | |
165 virtual void SetBlacklist(scoped_ptr<URLBlacklist> blacklist); | |
166 | |
167 // Registers the preferences related to blacklisting in the given PrefService. | |
168 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); | |
169 | |
170 protected: | |
171 // Used to delay updating the blacklist while the preferences are | |
172 // changing, and execute only one update per simultaneous prefs changes. | |
173 void ScheduleUpdate(); | |
174 | |
175 // Updates the blacklist using the current preference values. | |
176 // Virtual for testing. | |
177 virtual void Update(); | |
178 | |
179 // Starts the blacklist update on the IO thread, using the filters in | |
180 // |block| and |allow|. Protected for testing. | |
181 void UpdateOnIO(scoped_ptr<base::ListValue> block, | |
182 scoped_ptr<base::ListValue> allow); | |
183 | |
184 private: | |
185 // --------- | |
186 // UI thread | |
187 // --------- | |
188 | |
189 // Used to post update tasks to the UI thread. | |
190 base::WeakPtrFactory<URLBlacklistManager> ui_weak_ptr_factory_; | |
191 | |
192 // Used to track the policies and update the blacklist on changes. | |
193 PrefChangeRegistrar pref_change_registrar_; | |
194 PrefService* pref_service_; // Weak. | |
195 | |
196 // Used to post tasks to a background thread. | |
197 scoped_refptr<base::SequencedTaskRunner> background_task_runner_; | |
198 | |
199 // Used to post tasks to the IO thread. | |
200 scoped_refptr<base::SequencedTaskRunner> io_task_runner_; | |
201 | |
202 // Used to break a URL into its components. | |
203 URLBlacklist::SegmentURLCallback segment_url_; | |
204 | |
205 // Used to optionally skip blacklisting for some URLs. | |
206 SkipBlacklistCallback skip_blacklist_; | |
207 | |
208 // --------- | |
209 // IO thread | |
210 // --------- | |
211 | |
212 // Used to get |weak_ptr_| to self on the IO thread. | |
213 base::WeakPtrFactory<URLBlacklistManager> io_weak_ptr_factory_; | |
214 | |
215 // Used to post tasks to the UI thread. | |
216 scoped_refptr<base::SequencedTaskRunner> ui_task_runner_; | |
217 | |
218 // The current blacklist. | |
219 scoped_ptr<URLBlacklist> blacklist_; | |
220 | |
221 DISALLOW_COPY_AND_ASSIGN(URLBlacklistManager); | |
222 }; | |
223 | |
224 } // namespace policy | |
225 | |
226 #endif // CHROME_BROWSER_POLICY_URL_BLACKLIST_MANAGER_H_ | |
OLD | NEW |