| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/loader/resource_loader.h" | 5 #include "content/browser/loader/resource_loader.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/location.h" | 8 #include "base/location.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/profiler/scoped_tracker.h" | 10 #include "base/profiler/scoped_tracker.h" |
| 11 #include "base/single_thread_task_runner.h" | 11 #include "base/single_thread_task_runner.h" |
| 12 #include "base/thread_task_runner_handle.h" | 12 #include "base/thread_task_runner_handle.h" |
| 13 #include "base/time/time.h" | 13 #include "base/time/time.h" |
| 14 #include "content/browser/appcache/appcache_interceptor.h" | 14 #include "content/browser/appcache/appcache_interceptor.h" |
| 15 #include "content/browser/child_process_security_policy_impl.h" | 15 #include "content/browser/child_process_security_policy_impl.h" |
| 16 #include "content/browser/loader/cross_site_resource_handler.h" | 16 #include "content/browser/loader/cross_site_resource_handler.h" |
| 17 #include "content/browser/loader/detachable_resource_handler.h" | 17 #include "content/browser/loader/detachable_resource_handler.h" |
| 18 #include "content/browser/loader/resource_loader_delegate.h" | 18 #include "content/browser/loader/resource_loader_delegate.h" |
| 19 #include "content/browser/loader/resource_request_info_impl.h" | 19 #include "content/browser/loader/resource_request_info_impl.h" |
| 20 #include "content/browser/service_worker/service_worker_request_handler.h" | 20 #include "content/browser/service_worker/service_worker_request_handler.h" |
| 21 #include "content/browser/ssl/ssl_client_auth_handler.h" | 21 #include "content/browser/ssl/ssl_client_auth_handler.h" |
| 22 #include "content/browser/ssl/ssl_manager.h" | 22 #include "content/browser/ssl/ssl_manager.h" |
| 23 #include "content/browser/ssl/ssl_policy.h" |
| 23 #include "content/common/ssl_status_serialization.h" | 24 #include "content/common/ssl_status_serialization.h" |
| 24 #include "content/public/browser/cert_store.h" | 25 #include "content/public/browser/cert_store.h" |
| 25 #include "content/public/browser/resource_context.h" | 26 #include "content/public/browser/resource_context.h" |
| 26 #include "content/public/browser/resource_dispatcher_host_login_delegate.h" | 27 #include "content/public/browser/resource_dispatcher_host_login_delegate.h" |
| 27 #include "content/public/browser/signed_certificate_timestamp_store.h" | 28 #include "content/public/browser/signed_certificate_timestamp_store.h" |
| 28 #include "content/public/common/content_client.h" | 29 #include "content/public/common/content_client.h" |
| 29 #include "content/public/common/content_switches.h" | 30 #include "content/public/common/content_switches.h" |
| 30 #include "content/public/common/process_type.h" | 31 #include "content/public/common/process_type.h" |
| 31 #include "content/public/common/resource_response.h" | 32 #include "content/public/common/resource_response.h" |
| 33 #include "content/public/common/security_style.h" |
| 32 #include "net/base/io_buffer.h" | 34 #include "net/base/io_buffer.h" |
| 33 #include "net/base/load_flags.h" | 35 #include "net/base/load_flags.h" |
| 34 #include "net/http/http_response_headers.h" | 36 #include "net/http/http_response_headers.h" |
| 35 #include "net/ssl/client_cert_store.h" | 37 #include "net/ssl/client_cert_store.h" |
| 36 #include "net/url_request/redirect_info.h" | 38 #include "net/url_request/redirect_info.h" |
| 37 #include "net/url_request/url_request_status.h" | 39 #include "net/url_request/url_request_status.h" |
| 38 | 40 |
| 39 using base::TimeDelta; | 41 using base::TimeDelta; |
| 40 using base::TimeTicks; | 42 using base::TimeTicks; |
| 41 | 43 |
| (...skipping 26 matching lines...) Expand all Loading... |
| 68 handler->GetExtraResponseInfo(&response->head); | 70 handler->GetExtraResponseInfo(&response->head); |
| 69 } | 71 } |
| 70 AppCacheInterceptor::GetExtraResponseInfo( | 72 AppCacheInterceptor::GetExtraResponseInfo( |
| 71 request, | 73 request, |
| 72 &response->head.appcache_id, | 74 &response->head.appcache_id, |
| 73 &response->head.appcache_manifest_url); | 75 &response->head.appcache_manifest_url); |
| 74 if (info->is_load_timing_enabled()) | 76 if (info->is_load_timing_enabled()) |
| 75 request->GetLoadTimingInfo(&response->head.load_timing); | 77 request->GetLoadTimingInfo(&response->head.load_timing); |
| 76 } | 78 } |
| 77 | 79 |
| 80 void StoreSignedCertificateTimestamps( |
| 81 const net::SignedCertificateTimestampAndStatusList& sct_list, |
| 82 int process_id, |
| 83 SignedCertificateTimestampIDStatusList* sct_ids) { |
| 84 SignedCertificateTimestampStore* sct_store( |
| 85 SignedCertificateTimestampStore::GetInstance()); |
| 86 |
| 87 for (auto iter = sct_list.begin(); iter != sct_list.end(); ++iter) { |
| 88 const int sct_id(sct_store->Store(iter->sct.get(), process_id)); |
| 89 sct_ids->push_back( |
| 90 SignedCertificateTimestampIDAndStatus(sct_id, iter->status)); |
| 91 } |
| 92 } |
| 93 |
| 94 void GetSSLStatusForRequest(const GURL& url, |
| 95 const net::SSLInfo& ssl_info, |
| 96 int child_id, |
| 97 SSLStatus* ssl_status) { |
| 98 DCHECK(ssl_info.cert); |
| 99 |
| 100 int cert_id = |
| 101 CertStore::GetInstance()->StoreCert(ssl_info.cert.get(), child_id); |
| 102 |
| 103 SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids; |
| 104 StoreSignedCertificateTimestamps(ssl_info.signed_certificate_timestamps, |
| 105 child_id, &signed_certificate_timestamp_ids); |
| 106 |
| 107 ssl_status->cert_id = cert_id; |
| 108 ssl_status->cert_status = ssl_info.cert_status; |
| 109 ssl_status->security_bits = ssl_info.security_bits; |
| 110 ssl_status->connection_status = ssl_info.connection_status; |
| 111 ssl_status->signed_certificate_timestamp_ids = |
| 112 signed_certificate_timestamp_ids; |
| 113 ssl_status->security_style = |
| 114 SSLPolicy::GetSecurityStyleForResource(url, *ssl_status); |
| 115 } |
| 116 |
| 78 } // namespace | 117 } // namespace |
| 79 | 118 |
| 80 ResourceLoader::ResourceLoader(scoped_ptr<net::URLRequest> request, | 119 ResourceLoader::ResourceLoader(scoped_ptr<net::URLRequest> request, |
| 81 scoped_ptr<ResourceHandler> handler, | 120 scoped_ptr<ResourceHandler> handler, |
| 82 ResourceLoaderDelegate* delegate) | 121 ResourceLoaderDelegate* delegate) |
| 83 : deferred_stage_(DEFERRED_NONE), | 122 : deferred_stage_(DEFERRED_NONE), |
| 84 request_(request.Pass()), | 123 request_(request.Pass()), |
| 85 handler_(handler.Pass()), | 124 handler_(handler.Pass()), |
| 86 delegate_(delegate), | 125 delegate_(delegate), |
| 87 last_upload_position_(0), | 126 last_upload_position_(0), |
| (...skipping 448 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 536 if (!was_pending) { | 575 if (!was_pending) { |
| 537 // If the request isn't in flight, then we won't get an asynchronous | 576 // If the request isn't in flight, then we won't get an asynchronous |
| 538 // notification from the request, so we have to signal ourselves to finish | 577 // notification from the request, so we have to signal ourselves to finish |
| 539 // this request. | 578 // this request. |
| 540 base::ThreadTaskRunnerHandle::Get()->PostTask( | 579 base::ThreadTaskRunnerHandle::Get()->PostTask( |
| 541 FROM_HERE, base::Bind(&ResourceLoader::ResponseCompleted, | 580 FROM_HERE, base::Bind(&ResourceLoader::ResponseCompleted, |
| 542 weak_ptr_factory_.GetWeakPtr())); | 581 weak_ptr_factory_.GetWeakPtr())); |
| 543 } | 582 } |
| 544 } | 583 } |
| 545 | 584 |
| 546 void ResourceLoader::StoreSignedCertificateTimestamps( | |
| 547 const net::SignedCertificateTimestampAndStatusList& sct_list, | |
| 548 int process_id, | |
| 549 SignedCertificateTimestampIDStatusList* sct_ids) { | |
| 550 SignedCertificateTimestampStore* sct_store( | |
| 551 SignedCertificateTimestampStore::GetInstance()); | |
| 552 | |
| 553 for (net::SignedCertificateTimestampAndStatusList::const_iterator iter = | |
| 554 sct_list.begin(); iter != sct_list.end(); ++iter) { | |
| 555 const int sct_id(sct_store->Store(iter->sct.get(), process_id)); | |
| 556 sct_ids->push_back( | |
| 557 SignedCertificateTimestampIDAndStatus(sct_id, iter->status)); | |
| 558 } | |
| 559 } | |
| 560 | |
| 561 void ResourceLoader::CompleteResponseStarted() { | 585 void ResourceLoader::CompleteResponseStarted() { |
| 562 ResourceRequestInfoImpl* info = GetRequestInfo(); | 586 ResourceRequestInfoImpl* info = GetRequestInfo(); |
| 563 scoped_refptr<ResourceResponse> response(new ResourceResponse()); | 587 scoped_refptr<ResourceResponse> response(new ResourceResponse()); |
| 564 PopulateResourceResponse(info, request_.get(), response.get()); | 588 PopulateResourceResponse(info, request_.get(), response.get()); |
| 565 | 589 |
| 566 if (request_->ssl_info().cert.get()) { | 590 if (request_->ssl_info().cert.get()) { |
| 567 int cert_id = CertStore::GetInstance()->StoreCert( | 591 SSLStatus ssl_status; |
| 568 request_->ssl_info().cert.get(), info->GetChildID()); | 592 GetSSLStatusForRequest(request_->url(), request_->ssl_info(), |
| 593 info->GetChildID(), &ssl_status); |
| 569 | 594 |
| 570 SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids; | 595 response->head.security_info = SerializeSecurityInfo(ssl_status); |
| 571 StoreSignedCertificateTimestamps( | |
| 572 request_->ssl_info().signed_certificate_timestamps, | |
| 573 info->GetChildID(), | |
| 574 &signed_certificate_timestamp_ids); | |
| 575 | |
| 576 response->head.security_info = SerializeSecurityInfo( | |
| 577 cert_id, | |
| 578 request_->ssl_info().cert_status, | |
| 579 request_->ssl_info().security_bits, | |
| 580 request_->ssl_info().connection_status, | |
| 581 signed_certificate_timestamp_ids); | |
| 582 } else { | 596 } else { |
| 583 // We should not have any SSL state. | 597 // We should not have any SSL state. |
| 584 DCHECK(!request_->ssl_info().cert_status && | 598 DCHECK(!request_->ssl_info().cert_status && |
| 585 request_->ssl_info().security_bits == -1 && | 599 request_->ssl_info().security_bits == -1 && |
| 586 !request_->ssl_info().connection_status); | 600 !request_->ssl_info().connection_status); |
| 587 } | 601 } |
| 588 | 602 |
| 589 delegate_->DidReceiveResponse(this); | 603 delegate_->DidReceiveResponse(this); |
| 590 | 604 |
| 591 // TODO(darin): Remove ScopedTracker below once crbug.com/475761 is fixed. | 605 // TODO(darin): Remove ScopedTracker below once crbug.com/475761 is fixed. |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 687 } | 701 } |
| 688 | 702 |
| 689 void ResourceLoader::ResponseCompleted() { | 703 void ResourceLoader::ResponseCompleted() { |
| 690 DVLOG(1) << "ResponseCompleted: " << request_->url().spec(); | 704 DVLOG(1) << "ResponseCompleted: " << request_->url().spec(); |
| 691 RecordHistograms(); | 705 RecordHistograms(); |
| 692 ResourceRequestInfoImpl* info = GetRequestInfo(); | 706 ResourceRequestInfoImpl* info = GetRequestInfo(); |
| 693 | 707 |
| 694 std::string security_info; | 708 std::string security_info; |
| 695 const net::SSLInfo& ssl_info = request_->ssl_info(); | 709 const net::SSLInfo& ssl_info = request_->ssl_info(); |
| 696 if (ssl_info.cert.get() != NULL) { | 710 if (ssl_info.cert.get() != NULL) { |
| 697 int cert_id = CertStore::GetInstance()->StoreCert(ssl_info.cert.get(), | 711 SSLStatus ssl_status; |
| 698 info->GetChildID()); | 712 GetSSLStatusForRequest(request_->url(), ssl_info, info->GetChildID(), |
| 699 SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids; | 713 &ssl_status); |
| 700 StoreSignedCertificateTimestamps(ssl_info.signed_certificate_timestamps, | |
| 701 info->GetChildID(), | |
| 702 &signed_certificate_timestamp_ids); | |
| 703 | 714 |
| 704 security_info = SerializeSecurityInfo( | 715 security_info = SerializeSecurityInfo(ssl_status); |
| 705 cert_id, ssl_info.cert_status, ssl_info.security_bits, | |
| 706 ssl_info.connection_status, signed_certificate_timestamp_ids); | |
| 707 } | 716 } |
| 708 | 717 |
| 709 bool defer = false; | 718 bool defer = false; |
| 710 { | 719 { |
| 711 // TODO(darin): Remove ScopedTracker below once crbug.com/475761 is fixed. | 720 // TODO(darin): Remove ScopedTracker below once crbug.com/475761 is fixed. |
| 712 tracked_objects::ScopedTracker tracking_profile( | 721 tracked_objects::ScopedTracker tracking_profile( |
| 713 FROM_HERE_WITH_EXPLICIT_FUNCTION("475761 OnResponseCompleted()")); | 722 FROM_HERE_WITH_EXPLICIT_FUNCTION("475761 OnResponseCompleted()")); |
| 714 | 723 |
| 715 handler_->OnResponseCompleted(request_->status(), security_info, &defer); | 724 handler_->OnResponseCompleted(request_->status(), security_info, &defer); |
| 716 } | 725 } |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 755 case net::URLRequestStatus::FAILED: | 764 case net::URLRequestStatus::FAILED: |
| 756 status = STATUS_UNDEFINED; | 765 status = STATUS_UNDEFINED; |
| 757 break; | 766 break; |
| 758 } | 767 } |
| 759 | 768 |
| 760 UMA_HISTOGRAM_ENUMERATION("Net.Prefetch.Pattern", status, STATUS_MAX); | 769 UMA_HISTOGRAM_ENUMERATION("Net.Prefetch.Pattern", status, STATUS_MAX); |
| 761 } | 770 } |
| 762 } | 771 } |
| 763 | 772 |
| 764 } // namespace content | 773 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1244863003:
Attach a SecurityStyle to each request in ResourceLoader (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master