Encrypt certificate reports before uploading to HTTP URLs

chrome/browser/safe_browsing/ping_manager.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/ping_manager.h"
 
 #include "base/logging.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "chrome/browser/net/certificate_error_reporter.h"
 #include "chrome/common/env_vars.h"
 #include "content/public/browser/browser_thread.h"
 #include "google_apis/google_api_keys.h"
 #include "net/base/escape.h"
 #include "net/base/load_flags.h"
 #include "net/ssl/ssl_info.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "net/url_request/url_request_status.h"
 #include "url/gurl.h"
 
 using chrome_browser_net::CertificateErrorReporter;
 using content::BrowserThread;
 
 namespace {
-// URL to upload invalid certificate chain reports
-const char kExtendedReportingUploadUrl[] =
+// URLs to upload invalid certificate chain reports. The HTTP URL is
+// preferred since a client seeing an invalid cert might not be able to
+// make an HTTPS connection to report it.
+// TODO(estark): insert the production HTTP URL when it's ready
+const char kExtendedReportingUploadUrlInsecure[] = "";
+const char kExtendedReportingUploadUrlSecure[] =
     "https://sb-ssl.google.com/safebrowsing/clientreport/chrome-certs";
 }  // namespace
 
 // SafeBrowsingPingManager implementation ----------------------------------
 
 // static
 SafeBrowsingPingManager* SafeBrowsingPingManager::Create(
     net::URLRequestContextGetter* request_context_getter,
     const SafeBrowsingProtocolConfig& config) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
   return new SafeBrowsingPingManager(request_context_getter, config);
 }
 
 SafeBrowsingPingManager::SafeBrowsingPingManager(
     net::URLRequestContextGetter* request_context_getter,
     const SafeBrowsingProtocolConfig& config)
     : client_name_(config.client_name),
       request_context_getter_(request_context_getter),
-      url_prefix_(config.url_prefix),
-      certificate_error_reporter_(
-          request_context_getter
-              ? new CertificateErrorReporter(
-                    request_context_getter->GetURLRequestContext(),
-                    GURL(kExtendedReportingUploadUrl),
-                    CertificateErrorReporter::SEND_COOKIES)
-              : nullptr) {
+      url_prefix_(config.url_prefix) {
   DCHECK(!url_prefix_.empty());
 
+  if (request_context_getter) {
+    bool use_insecure_certificate_upload_url =
+        CertificateErrorReporter::IsHttpUploadUrlSupported() &&
+        strlen(kExtendedReportingUploadUrlInsecure) > 0;
+    GURL certificate_upload_url(use_insecure_certificate_upload_url
+                                    ? kExtendedReportingUploadUrlInsecure
+                                    : kExtendedReportingUploadUrlSecure);
+
+    certificate_error_reporter_.reset(new CertificateErrorReporter(
+        request_context_getter->GetURLRequestContext(), certificate_upload_url,
+        CertificateErrorReporter::SEND_COOKIES));
+  }
+
   version_ = SafeBrowsingProtocolManagerHelper::Version();
 }
 
 SafeBrowsingPingManager::~SafeBrowsingPingManager() {
   // Delete in-progress safebrowsing reports (hits and details).
   STLDeleteContainerPointers(safebrowsing_reports_.begin(),
                              safebrowsing_reports_.end());
 }
 
 // net::URLFetcherDelegate implementation ----------------------------------
@@ skipping 108 matching lines @@
           url_prefix_.c_str(),
           client_name_.c_str(),
           version_.c_str());
   std::string api_key = google_apis::GetAPIKey();
   if (!api_key.empty()) {
     base::StringAppendF(&url, "&key=%s",
                         net::EscapeQueryParamValue(api_key, true).c_str());
   }
   return GURL(url);
 }