| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/unverified_download_policy.h" | 5 #include "chrome/browser/safe_browsing/unverified_download_policy.h" |
| 6 | 6 |
| 7 #include "base/bind.h" |
| 8 #include "base/callback.h" |
| 7 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
| 8 #include "base/metrics/sparse_histogram.h" | 10 #include "base/metrics/sparse_histogram.h" |
| 11 #include "chrome/browser/browser_process.h" |
| 12 #include "chrome/browser/safe_browsing/database_manager.h" |
| 13 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 9 #include "chrome/browser/safe_browsing/unverified_download_field_trial.h" | 14 #include "chrome/browser/safe_browsing/unverified_download_field_trial.h" |
| 10 #include "chrome/common/safe_browsing/download_protection_util.h" | 15 #include "chrome/common/safe_browsing/download_protection_util.h" |
| 16 #include "content/public/browser/browser_thread.h" |
| 11 | 17 |
| 12 namespace safe_browsing { | 18 namespace safe_browsing { |
| 13 | 19 |
| 14 bool IsUnverifiedDownloadAllowed(const base::FilePath& file) { | 20 namespace { |
| 15 // Currently, the policy is determined entirely by a field trial. | 21 |
| 16 bool is_allowed = IsUnverifiedDownloadAllowedByFieldTrial(file); | 22 void RespondWithPolicy( |
| 23 const base::FilePath& file, |
| 24 const UnverifiedDownloadCheckCompletionCallback& callback, |
| 25 UnverifiedDownloadPolicy policy) { |
| 17 int uma_file_type = | 26 int uma_file_type = |
| 18 download_protection_util::GetSBClientDownloadExtensionValueForUMA(file); | 27 download_protection_util::GetSBClientDownloadExtensionValueForUMA(file); |
| 19 if (is_allowed) { | 28 if (policy == UnverifiedDownloadPolicy::ALLOWED) { |
| 20 UMA_HISTOGRAM_SPARSE_SLOWLY("SafeBrowsing.UnverifiedDownloads.Allowed", | 29 UMA_HISTOGRAM_SPARSE_SLOWLY("SafeBrowsing.UnverifiedDownloads.Allowed", |
| 21 uma_file_type); | 30 uma_file_type); |
| 22 } else { | 31 } else { |
| 23 UMA_HISTOGRAM_SPARSE_SLOWLY("SafeBrowsing.UnverifiedDownloads.Blocked", | 32 UMA_HISTOGRAM_SPARSE_SLOWLY("SafeBrowsing.UnverifiedDownloads.Blocked", |
| 24 uma_file_type); | 33 uma_file_type); |
| 25 } | 34 } |
| 26 return is_allowed; | 35 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, |
| 36 base::Bind(callback, policy)); |
| 37 } |
| 38 |
| 39 void CheckFieldTrialOnAnyThread( |
| 40 const base::FilePath& file, |
| 41 const UnverifiedDownloadCheckCompletionCallback& callback) { |
| 42 bool is_allowed = IsUnverifiedDownloadAllowedByFieldTrial(file); |
| 43 RespondWithPolicy(file, callback, is_allowed |
| 44 ? UnverifiedDownloadPolicy::ALLOWED |
| 45 : UnverifiedDownloadPolicy::DISALLOWED); |
| 46 } |
| 47 |
| 48 void CheckWhitelistOnIOThread( |
| 49 scoped_refptr<SafeBrowsingService> service, |
| 50 const GURL& requestor, |
| 51 const base::FilePath& file, |
| 52 const UnverifiedDownloadCheckCompletionCallback& callback) { |
| 53 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
| 54 int uma_file_type = |
| 55 download_protection_util::GetSBClientDownloadExtensionValueForUMA(file); |
| 56 |
| 57 if (!service || !service->enabled()) { |
| 58 // If the SafeBrowsing service was disabled, don't try to check against the |
| 59 // field trial list. Instead allow the download. We are assuming that if the |
| 60 // SafeBrowsing service was disabled for this user, then we shouldn't |
| 61 // interefere with unverified downloads. |
| 62 UMA_HISTOGRAM_SPARSE_SLOWLY( |
| 63 "SafeBrowsing.UnverifiedDownloads.AllowedDueToDisabledService", |
| 64 uma_file_type); |
| 65 RespondWithPolicy(file, callback, UnverifiedDownloadPolicy::ALLOWED); |
| 66 return; |
| 67 } |
| 68 |
| 69 if (service->database_manager() && |
| 70 service->database_manager()->MatchDownloadWhitelistUrl(requestor)) { |
| 71 UMA_HISTOGRAM_SPARSE_SLOWLY( |
| 72 "SafeBrowsing.UnverifiedDownloads.AllowedByWhitelist", uma_file_type); |
| 73 RespondWithPolicy(file, callback, UnverifiedDownloadPolicy::ALLOWED); |
| 74 return; |
| 75 } |
| 76 |
| 77 CheckFieldTrialOnAnyThread(file, callback); |
| 78 } |
| 79 |
| 80 } // namespace |
| 81 |
| 82 void CheckUnverifiedDownloadPolicy( |
| 83 const GURL& requestor, |
| 84 const base::FilePath& file, |
| 85 const UnverifiedDownloadCheckCompletionCallback& callback) { |
| 86 if (requestor.is_valid()) { |
| 87 scoped_refptr<SafeBrowsingService> service = |
| 88 g_browser_process->safe_browsing_service(); |
| 89 content::BrowserThread::PostTask( |
| 90 content::BrowserThread::IO, FROM_HERE, |
| 91 base::Bind(&CheckWhitelistOnIOThread, service, requestor, file, |
| 92 callback)); |
| 93 return; |
| 94 } |
| 95 |
| 96 CheckFieldTrialOnAnyThread(file, callback); |
| 27 } | 97 } |
| 28 | 98 |
| 29 } // namespace safe_browsing | 99 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1410423003:
[SafeBrowsing] Conditionalize unverified download blocking on whitelist. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@flash-download-block