chrome/browser/safe_browsing/ui_manager.cc - Issue 1509073002: Fixes for Safe Browsing with unrelated pending navigations.

Side by Side Diff: chrome/browser/safe_browsing/ui_manager.cc

Issue 1509073002: Fixes for Safe Browsing with unrelated pending navigations. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: . Created 5 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/safe_browsing/ui_manager.h ('K') | « chrome/browser/safe_browsing/ui_manager.h ('k') | chrome/browser/safe_browsing/ui_manager_unittest.cc » ('j') | chrome/browser/ui/webui/interstitials/interstitial_ui.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/safe_browsing/ui_manager.h"	5 #include "chrome/browser/safe_browsing/ui_manager.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/bind_helpers.h"	8 #include "base/bind_helpers.h"

9 #include "base/callback.h"	9 #include "base/callback.h"

10 #include "base/debug/leak_tracker.h"	10 #include "base/debug/leak_tracker.h"

(...skipping 70 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
81 // Client-side phishing detection interstitials never block the main frame	81 // Client-side phishing detection interstitials never block the main frame

82 // load, since they happen after the page is finished loading.	82 // load, since they happen after the page is finished loading.

83 if (threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL \|\|	83 if (threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL \|\|

84 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {	84 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {

85 return false;	85 return false;

86 }	86 }

87	87

88 return true;	88 return true;

89 }	89 }

90	90

	91 content::NavigationEntry*

	92 SafeBrowsingUIManager::UnsafeResource::GetNavigationEntryForResource() const {

	93 WebContents* contents =

	94 tab_util::GetWebContentsByID(render_process_host_id, render_view_id);

	95 if (!contents)

	96 return NULL;
	Charlie Reis 2015/12/11 05:39:24 nit: nullptr nit: nullptr mattm 2015/12/15 01:42:25 Done. Show quoted text On 2015/12/11 05:39:24, Charlie Reis wrote: > nit: nullptr Done.
	97 if (IsMainPageLoadBlocked())

	98 return contents->GetController().GetPendingEntry();

	99 return contents->GetController().GetLastCommittedEntry();
	Charlie Reis 2015/12/11 05:39:24 This should have a comment explaining why we retur This should have a comment explaining why we return the pending entry for the main frame and the last committed for the subframe. mattm 2015/12/15 01:42:25 Done. Show quoted text On 2015/12/11 05:39:24, Charlie Reis wrote: > This should have a comment explaining why we return the pending entry for the > main frame and the last committed for the subframe. Done.
	100 }

	101

91 // SafeBrowsingUIManager -------------------------------------------------------	102 // SafeBrowsingUIManager -------------------------------------------------------

92	103

93 SafeBrowsingUIManager::SafeBrowsingUIManager(	104 SafeBrowsingUIManager::SafeBrowsingUIManager(

94 const scoped_refptr<SafeBrowsingService>& service)	105 const scoped_refptr<SafeBrowsingService>& service)

95 : sb_service_(service) {}	106 : sb_service_(service) {}

96	107

97 SafeBrowsingUIManager::~SafeBrowsingUIManager() {}	108 SafeBrowsingUIManager::~SafeBrowsingUIManager() {}

98	109

99 void SafeBrowsingUIManager::StopOnIOThread(bool shutdown) {	110 void SafeBrowsingUIManager::StopOnIOThread(bool shutdown) {

100 DCHECK_CURRENTLY_ON(BrowserThread::IO);	111 DCHECK_CURRENTLY_ON(BrowserThread::IO);

(...skipping 66 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
167 DCHECK(resource.callback_thread);	178 DCHECK(resource.callback_thread);

168 resource.callback_thread->PostTask(FROM_HERE,	179 resource.callback_thread->PostTask(FROM_HERE,

169 base::Bind(resource.callback, true));	180 base::Bind(resource.callback, true));

170 }	181 }

171 return;	182 return;

172 }	183 }

173	184

174 if (resource.threat_type != SB_THREAT_TYPE_SAFE) {	185 if (resource.threat_type != SB_THREAT_TYPE_SAFE) {

175 HitReport hit_report;	186 HitReport hit_report;

176 hit_report.malicious_url = resource.url;	187 hit_report.malicious_url = resource.url;

177 hit_report.page_url = web_contents->GetURL();

178 hit_report.is_subresource = resource.is_subresource;	188 hit_report.is_subresource = resource.is_subresource;

179 hit_report.threat_type = resource.threat_type;	189 hit_report.threat_type = resource.threat_type;

180 hit_report.threat_source = resource.threat_source;	190 hit_report.threat_source = resource.threat_source;

181	191

182 NavigationEntry* entry = web_contents->GetController().GetActiveEntry();	192 NavigationEntry* entry = resource.GetNavigationEntryForResource();

183 if (entry)	193 hit_report.page_url = entry->GetURL();

184 hit_report.referrer_url = entry->GetReferrer().url;	194 hit_report.referrer_url = entry->GetReferrer().url;

185	195

186 // When the malicious url is on the main frame, and resource.original_url	196 // When the malicious url is on the main frame, and resource.original_url

187 // is not the same as the resource.url, that means we have a redirect from	197 // is not the same as the resource.url, that means we have a redirect from

188 // resource.original_url to resource.url.	198 // resource.original_url to resource.url.

189 // Also, at this point, page_url points to the _previous_ page that we	199 // Also, at this point, page_url points to the _previous_ page that we

190 // were on. We replace page_url with resource.original_url and referrer	200 // were on. We replace page_url with resource.original_url and referrer

191 // with page_url.	201 // with page_url.

192 if (!resource.is_subresource &&	202 if (!resource.is_subresource &&

193 !resource.original_url.is_empty() &&	203 !resource.original_url.is_empty() &&

194 resource.original_url != resource.url) {	204 resource.original_url != resource.url) {

(...skipping 109 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
304 WebContents* web_contents = tab_util::GetWebContentsByID(	314 WebContents* web_contents = tab_util::GetWebContentsByID(

305 resource.render_process_host_id, resource.render_view_id);	315 resource.render_process_host_id, resource.render_view_id);

306	316

307 WhitelistUrlSet* site_list =	317 WhitelistUrlSet* site_list =

308 static_cast<WhitelistUrlSet*>(web_contents->GetUserData(kWhitelistKey));	318 static_cast<WhitelistUrlSet*>(web_contents->GetUserData(kWhitelistKey));

309 if (!site_list) {	319 if (!site_list) {

310 site_list = new WhitelistUrlSet;	320 site_list = new WhitelistUrlSet;

311 web_contents->SetUserData(kWhitelistKey, site_list);	321 web_contents->SetUserData(kWhitelistKey, site_list);

312 }	322 }

313	323

314 GURL whitelisted_url(resource.is_subresource ? web_contents->GetVisibleURL()	324 NavigationEntry* entry = resource.GetNavigationEntryForResource();

	325 GURL whitelisted_url(resource.is_subresource ? entry->GetURL()

315 : resource.url);	326 : resource.url);

316 site_list->Insert(whitelisted_url);	327 site_list->Insert(whitelisted_url);

317 }	328 }

318	329

319 // Check if the user has already ignored a SB warning for this WebContents and	330 // Check if the user has already ignored a SB warning for this WebContents and

320 // top-level domain.	331 // top-level domain.

321 bool SafeBrowsingUIManager::IsWhitelisted(const UnsafeResource& resource) {	332 bool SafeBrowsingUIManager::IsWhitelisted(const UnsafeResource& resource) {

322 DCHECK_CURRENTLY_ON(BrowserThread::UI);	333 DCHECK_CURRENTLY_ON(BrowserThread::UI);

323 WebContents* web_contents = tab_util::GetWebContentsByID(	334 WebContents* web_contents = tab_util::GetWebContentsByID(

324 resource.render_process_host_id, resource.render_view_id);	335 resource.render_process_host_id, resource.render_view_id);

325	336

326 GURL maybe_whitelisted_url(	337 NavigationEntry* entry = resource.GetNavigationEntryForResource();

327 resource.is_subresource ? web_contents->GetVisibleURL() : resource.url);	338 GURL maybe_whitelisted_url(resource.is_subresource ? entry->GetURL()

	339 : resource.url);

328 WhitelistUrlSet* site_list =	340 WhitelistUrlSet* site_list =

329 static_cast<WhitelistUrlSet*>(web_contents->GetUserData(kWhitelistKey));	341 static_cast<WhitelistUrlSet*>(web_contents->GetUserData(kWhitelistKey));

330 if (!site_list)	342 if (!site_list)

331 return false;	343 return false;

332 return site_list->Contains(maybe_whitelisted_url);	344 return site_list->Contains(maybe_whitelisted_url);

333 }	345 }

334	346

335 } // namespace safe_browsing	347 } // namespace safe_browsing

OLD	NEW