| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Implementation of the ThreatDetails class. | 5 // Implementation of the ThreatDetails class. |
| 6 | 6 |
| 7 #include "chrome/browser/safe_browsing/threat_details.h" | 7 #include "chrome/browser/safe_browsing/threat_details.h" |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/lazy_instance.h" | 10 #include "base/lazy_instance.h" |
| 11 #include "base/md5.h" | 11 #include "base/md5.h" |
| 12 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
| 13 #include "chrome/browser/safe_browsing/report.pb.h" | |
| 14 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 13 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 15 #include "chrome/browser/safe_browsing/threat_details_cache.h" | 14 #include "chrome/browser/safe_browsing/threat_details_cache.h" |
| 15 #include "chrome/common/safe_browsing/csd.pb.h" |
| 16 #include "content/public/browser/browser_thread.h" | 16 #include "content/public/browser/browser_thread.h" |
| 17 #include "net/base/host_port_pair.h" | 17 #include "net/base/host_port_pair.h" |
| 18 #include "net/base/load_flags.h" | 18 #include "net/base/load_flags.h" |
| 19 #include "net/base/net_errors.h" | 19 #include "net/base/net_errors.h" |
| 20 #include "net/http/http_response_headers.h" | 20 #include "net/http/http_response_headers.h" |
| 21 #include "net/url_request/url_fetcher.h" | 21 #include "net/url_request/url_fetcher.h" |
| 22 #include "net/url_request/url_request_context_getter.h" | 22 #include "net/url_request/url_request_context_getter.h" |
| 23 #include "net/url_request/url_request_status.h" | 23 #include "net/url_request/url_request_status.h" |
| 24 | 24 |
| 25 using content::BrowserThread; | 25 using content::BrowserThread; |
| 26 using safe_browsing::ClientMalwareReportRequest; | 26 using safe_browsing::ClientSafeBrowsingReportRequest; |
| 27 | 27 |
| 28 // Only send small files for now, a better strategy would use the size | 28 // Only send small files for now, a better strategy would use the size |
| 29 // of the whole report and the user's bandwidth. | 29 // of the whole report and the user's bandwidth. |
| 30 static const uint32 kMaxBodySizeBytes = 1024; | 30 static const uint32 kMaxBodySizeBytes = 1024; |
| 31 | 31 |
| 32 ThreatDetailsCacheCollector::ThreatDetailsCacheCollector() | 32 ThreatDetailsCacheCollector::ThreatDetailsCacheCollector() |
| 33 : resources_(NULL), result_(NULL), has_started_(false) {} | 33 : resources_(NULL), result_(NULL), has_started_(false) {} |
| 34 | 34 |
| 35 void ThreatDetailsCacheCollector::StartCacheCollection( | 35 void ThreatDetailsCacheCollector::StartCacheCollection( |
| 36 net::URLRequestContextGetter* request_context_getter, | 36 net::URLRequestContextGetter* request_context_getter, |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 current_fetch_ = net::URLFetcher::Create(GURL(resources_it_->first), | 80 current_fetch_ = net::URLFetcher::Create(GURL(resources_it_->first), |
| 81 net::URLFetcher::GET, this); | 81 net::URLFetcher::GET, this); |
| 82 current_fetch_->SetRequestContext(request_context_getter_.get()); | 82 current_fetch_->SetRequestContext(request_context_getter_.get()); |
| 83 // Only from cache, and don't save cookies. | 83 // Only from cache, and don't save cookies. |
| 84 current_fetch_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE | | 84 current_fetch_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE | |
| 85 net::LOAD_DO_NOT_SAVE_COOKIES); | 85 net::LOAD_DO_NOT_SAVE_COOKIES); |
| 86 current_fetch_->SetAutomaticallyRetryOn5xx(false); // No retries. | 86 current_fetch_->SetAutomaticallyRetryOn5xx(false); // No retries. |
| 87 current_fetch_->Start(); // OnURLFetchComplete will be called when done. | 87 current_fetch_->Start(); // OnURLFetchComplete will be called when done. |
| 88 } | 88 } |
| 89 | 89 |
| 90 ClientMalwareReportRequest::Resource* ThreatDetailsCacheCollector::GetResource( | 90 ClientSafeBrowsingReportRequest::Resource* |
| 91 const GURL& url) { | 91 ThreatDetailsCacheCollector::GetResource(const GURL& url) { |
| 92 safe_browsing::ResourceMap::iterator it = resources_->find(url.spec()); | 92 safe_browsing::ResourceMap::iterator it = resources_->find(url.spec()); |
| 93 if (it != resources_->end()) { | 93 if (it != resources_->end()) { |
| 94 return it->second.get(); | 94 return it->second.get(); |
| 95 } | 95 } |
| 96 return NULL; | 96 return NULL; |
| 97 } | 97 } |
| 98 | 98 |
| 99 void ThreatDetailsCacheCollector::OnURLFetchComplete( | 99 void ThreatDetailsCacheCollector::OnURLFetchComplete( |
| 100 const net::URLFetcher* source) { | 100 const net::URLFetcher* source) { |
| 101 DVLOG(1) << "OnUrlFetchComplete"; | 101 DVLOG(1) << "OnUrlFetchComplete"; |
| (...skipping 10 matching lines...) Expand all Loading... |
| 112 if (source->GetStatus().status() != net::URLRequestStatus::SUCCESS) { | 112 if (source->GetStatus().status() != net::URLRequestStatus::SUCCESS) { |
| 113 // Some other error occurred, e.g. the request could have been cancelled. | 113 // Some other error occurred, e.g. the request could have been cancelled. |
| 114 DVLOG(1) << "Unsuccessful fetch: " << source->GetURL(); | 114 DVLOG(1) << "Unsuccessful fetch: " << source->GetURL(); |
| 115 AdvanceEntry(); | 115 AdvanceEntry(); |
| 116 return; | 116 return; |
| 117 } | 117 } |
| 118 | 118 |
| 119 // Set the response headers and body to the right resource, which | 119 // Set the response headers and body to the right resource, which |
| 120 // might not be the same as the one we asked for. | 120 // might not be the same as the one we asked for. |
| 121 // For redirects, resources_it_->first != url.spec(). | 121 // For redirects, resources_it_->first != url.spec(). |
| 122 ClientMalwareReportRequest::Resource* resource = | 122 ClientSafeBrowsingReportRequest::Resource* resource = |
| 123 GetResource(source->GetURL()); | 123 GetResource(source->GetURL()); |
| 124 if (!resource) { | 124 if (!resource) { |
| 125 DVLOG(1) << "Cannot find resource for url:" << source->GetURL(); | 125 DVLOG(1) << "Cannot find resource for url:" << source->GetURL(); |
| 126 AdvanceEntry(); | 126 AdvanceEntry(); |
| 127 return; | 127 return; |
| 128 } | 128 } |
| 129 | 129 |
| 130 ReadResponse(resource, source); | 130 ReadResponse(resource, source); |
| 131 std::string data; | 131 std::string data; |
| 132 source->GetResponseAsString(&data); | 132 source->GetResponseAsString(&data); |
| 133 ReadData(resource, data); | 133 ReadData(resource, data); |
| 134 AdvanceEntry(); | 134 AdvanceEntry(); |
| 135 } | 135 } |
| 136 | 136 |
| 137 void ThreatDetailsCacheCollector::ReadResponse( | 137 void ThreatDetailsCacheCollector::ReadResponse( |
| 138 ClientMalwareReportRequest::Resource* pb_resource, | 138 ClientSafeBrowsingReportRequest::Resource* pb_resource, |
| 139 const net::URLFetcher* source) { | 139 const net::URLFetcher* source) { |
| 140 DVLOG(1) << "ReadResponse"; | 140 DVLOG(1) << "ReadResponse"; |
| 141 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 141 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 142 net::HttpResponseHeaders* headers = source->GetResponseHeaders(); | 142 net::HttpResponseHeaders* headers = source->GetResponseHeaders(); |
| 143 if (!headers) { | 143 if (!headers) { |
| 144 DVLOG(1) << "Missing response headers."; | 144 DVLOG(1) << "Missing response headers."; |
| 145 return; | 145 return; |
| 146 } | 146 } |
| 147 | 147 |
| 148 ClientMalwareReportRequest::HTTPResponse* pb_response = | 148 ClientSafeBrowsingReportRequest::HTTPResponse* pb_response = |
| 149 pb_resource->mutable_response(); | 149 pb_resource->mutable_response(); |
| 150 pb_response->mutable_firstline()->set_code(headers->response_code()); | 150 pb_response->mutable_firstline()->set_code(headers->response_code()); |
| 151 void* iter = NULL; | 151 void* iter = NULL; |
| 152 std::string name, value; | 152 std::string name, value; |
| 153 while (headers->EnumerateHeaderLines(&iter, &name, &value)) { | 153 while (headers->EnumerateHeaderLines(&iter, &name, &value)) { |
| 154 ClientMalwareReportRequest::HTTPHeader* pb_header = | 154 ClientSafeBrowsingReportRequest::HTTPHeader* pb_header = |
| 155 pb_response->add_headers(); | 155 pb_response->add_headers(); |
| 156 pb_header->set_name(name); | 156 pb_header->set_name(name); |
| 157 // Strip any Set-Cookie headers. | 157 // Strip any Set-Cookie headers. |
| 158 if (base::LowerCaseEqualsASCII(name, "set-cookie")) { | 158 if (base::LowerCaseEqualsASCII(name, "set-cookie")) { |
| 159 pb_header->set_value(""); | 159 pb_header->set_value(""); |
| 160 } else { | 160 } else { |
| 161 pb_header->set_value(value); | 161 pb_header->set_value(value); |
| 162 } | 162 } |
| 163 } | 163 } |
| 164 | 164 |
| 165 if (!source->WasFetchedViaProxy()) { | 165 if (!source->WasFetchedViaProxy()) { |
| 166 pb_response->set_remote_ip(source->GetSocketAddress().ToString()); | 166 pb_response->set_remote_ip(source->GetSocketAddress().ToString()); |
| 167 } | 167 } |
| 168 } | 168 } |
| 169 | 169 |
| 170 void ThreatDetailsCacheCollector::ReadData( | 170 void ThreatDetailsCacheCollector::ReadData( |
| 171 ClientMalwareReportRequest::Resource* pb_resource, | 171 ClientSafeBrowsingReportRequest::Resource* pb_resource, |
| 172 const std::string& data) { | 172 const std::string& data) { |
| 173 DVLOG(1) << "ReadData"; | 173 DVLOG(1) << "ReadData"; |
| 174 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 174 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 175 ClientMalwareReportRequest::HTTPResponse* pb_response = | 175 ClientSafeBrowsingReportRequest::HTTPResponse* pb_response = |
| 176 pb_resource->mutable_response(); | 176 pb_resource->mutable_response(); |
| 177 if (data.size() <= kMaxBodySizeBytes) { // Only send small bodies for now. | 177 if (data.size() <= kMaxBodySizeBytes) { // Only send small bodies for now. |
| 178 pb_response->set_body(data); | 178 pb_response->set_body(data); |
| 179 } | 179 } |
| 180 pb_response->set_bodylength(data.size()); | 180 pb_response->set_bodylength(data.size()); |
| 181 pb_response->set_bodydigest(base::MD5String(data)); | 181 pb_response->set_bodydigest(base::MD5String(data)); |
| 182 } | 182 } |
| 183 | 183 |
| 184 void ThreatDetailsCacheCollector::AdvanceEntry() { | 184 void ThreatDetailsCacheCollector::AdvanceEntry() { |
| 185 DVLOG(1) << "AdvanceEntry"; | 185 DVLOG(1) << "AdvanceEntry"; |
| 186 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 186 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 187 // Advance to the next resource. | 187 // Advance to the next resource. |
| 188 ++resources_it_; | 188 ++resources_it_; |
| 189 current_fetch_.reset(NULL); | 189 current_fetch_.reset(NULL); |
| 190 | 190 |
| 191 // Create a task so we don't take over the IO thread for too long. | 191 // Create a task so we don't take over the IO thread for too long. |
| 192 BrowserThread::PostTask( | 192 BrowserThread::PostTask( |
| 193 BrowserThread::IO, FROM_HERE, | 193 BrowserThread::IO, FROM_HERE, |
| 194 base::Bind(&ThreatDetailsCacheCollector::OpenEntry, this)); | 194 base::Bind(&ThreatDetailsCacheCollector::OpenEntry, this)); |
| 195 } | 195 } |
| 196 | 196 |
| 197 void ThreatDetailsCacheCollector::AllDone(bool success) { | 197 void ThreatDetailsCacheCollector::AllDone(bool success) { |
| 198 DVLOG(1) << "AllDone"; | 198 DVLOG(1) << "AllDone"; |
| 199 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 199 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 200 *result_ = success; | 200 *result_ = success; |
| 201 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, callback_); | 201 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, callback_); |
| 202 callback_.Reset(); | 202 callback_.Reset(); |
| 203 } | 203 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1414343007:
Collect threat details for phishing and UwS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master