Chromium Code Reviews Chromium Code Reviews
Issue 1550233002:
Move mixed content settings histograms into browser (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/content_settings_observer.h" | 5 #include "chrome/renderer/content_settings_observer.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/histogram.h" | |
| 9 #include "components/content_settings/content/common/content_settings_messages.h " | 8 #include "components/content_settings/content/common/content_settings_messages.h " |
| 10 #include "content/public/common/url_constants.h" | 9 #include "content/public/common/url_constants.h" |
| 11 #include "content/public/renderer/document_state.h" | 10 #include "content/public/renderer/document_state.h" |
| 12 #include "content/public/renderer/render_frame.h" | 11 #include "content/public/renderer/render_frame.h" |
| 13 #include "content/public/renderer/render_view.h" | 12 #include "content/public/renderer/render_view.h" |
| 14 #include "third_party/WebKit/public/platform/WebContentSettingCallbacks.h" | 13 #include "third_party/WebKit/public/platform/WebContentSettingCallbacks.h" |
| 15 #include "third_party/WebKit/public/platform/WebURL.h" | 14 #include "third_party/WebKit/public/platform/WebURL.h" |
| 16 #include "third_party/WebKit/public/web/WebDataSource.h" | 15 #include "third_party/WebKit/public/web/WebDataSource.h" |
| 17 #include "third_party/WebKit/public/web/WebDocument.h" | 16 #include "third_party/WebKit/public/web/WebDocument.h" |
| 18 #include "third_party/WebKit/public/web/WebFrameClient.h" | 17 #include "third_party/WebKit/public/web/WebFrameClient.h" |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 36 using blink::WebFrame; | 35 using blink::WebFrame; |
| 37 using blink::WebSecurityOrigin; | 36 using blink::WebSecurityOrigin; |
| 38 using blink::WebString; | 37 using blink::WebString; |
| 39 using blink::WebURL; | 38 using blink::WebURL; |
| 40 using blink::WebView; | 39 using blink::WebView; |
| 41 using content::DocumentState; | 40 using content::DocumentState; |
| 42 using content::NavigationState; | 41 using content::NavigationState; |
| 43 | 42 |
| 44 namespace { | 43 namespace { |
| 45 | 44 |
| 46 enum { | |
| 47 INSECURE_CONTENT_DISPLAY = 0, | |
| 48 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE, | |
| 49 INSECURE_CONTENT_DISPLAY_HOST_WWW_GOOGLE, | |
| 50 INSECURE_CONTENT_DISPLAY_HTML, | |
| 51 INSECURE_CONTENT_RUN, | |
| 52 INSECURE_CONTENT_RUN_HOST_GOOGLE, | |
| 53 INSECURE_CONTENT_RUN_HOST_WWW_GOOGLE, | |
| 54 INSECURE_CONTENT_RUN_TARGET_YOUTUBE, | |
| 55 INSECURE_CONTENT_RUN_JS, | |
| 56 INSECURE_CONTENT_RUN_CSS, | |
| 57 INSECURE_CONTENT_RUN_SWF, | |
| 58 INSECURE_CONTENT_DISPLAY_HOST_YOUTUBE, | |
| 59 INSECURE_CONTENT_RUN_HOST_YOUTUBE, | |
| 60 INSECURE_CONTENT_RUN_HOST_GOOGLEUSERCONTENT, | |
| 61 INSECURE_CONTENT_DISPLAY_HOST_MAIL_GOOGLE, | |
| 62 INSECURE_CONTENT_RUN_HOST_MAIL_GOOGLE, | |
| 63 INSECURE_CONTENT_DISPLAY_HOST_PLUS_GOOGLE, | |
| 64 INSECURE_CONTENT_RUN_HOST_PLUS_GOOGLE, | |
| 65 INSECURE_CONTENT_DISPLAY_HOST_DOCS_GOOGLE, | |
| 66 INSECURE_CONTENT_RUN_HOST_DOCS_GOOGLE, | |
| 67 INSECURE_CONTENT_DISPLAY_HOST_SITES_GOOGLE, | |
| 68 INSECURE_CONTENT_RUN_HOST_SITES_GOOGLE, | |
| 69 INSECURE_CONTENT_DISPLAY_HOST_PICASAWEB_GOOGLE, | |
| 70 INSECURE_CONTENT_RUN_HOST_PICASAWEB_GOOGLE, | |
| 71 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_READER, | |
| 72 INSECURE_CONTENT_RUN_HOST_GOOGLE_READER, | |
| 73 INSECURE_CONTENT_DISPLAY_HOST_CODE_GOOGLE, | |
| 74 INSECURE_CONTENT_RUN_HOST_CODE_GOOGLE, | |
| 75 INSECURE_CONTENT_DISPLAY_HOST_GROUPS_GOOGLE, | |
| 76 INSECURE_CONTENT_RUN_HOST_GROUPS_GOOGLE, | |
| 77 INSECURE_CONTENT_DISPLAY_HOST_MAPS_GOOGLE, | |
| 78 INSECURE_CONTENT_RUN_HOST_MAPS_GOOGLE, | |
| 79 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT, | |
| 80 INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT, | |
| 81 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL, | |
| 82 INSECURE_CONTENT_RUN_HOST_GOOGLE_INTL, | |
| 83 INSECURE_CONTENT_NUM_EVENTS | |
| 84 }; | |
| 85 | |
| 86 // Constants for UMA statistic collection. | |
| 87 static const char kWWWDotGoogleDotCom[] = "www.google.com"; | |
| 88 static const char kMailDotGoogleDotCom[] = "mail.google.com"; | |
| 89 static const char kPlusDotGoogleDotCom[] = "plus.google.com"; | |
| 90 static const char kDocsDotGoogleDotCom[] = "docs.google.com"; | |
| 91 static const char kSitesDotGoogleDotCom[] = "sites.google.com"; | |
| 92 static const char kPicasawebDotGoogleDotCom[] = "picasaweb.google.com"; | |
| 93 static const char kCodeDotGoogleDotCom[] = "code.google.com"; | |
| 94 static const char kGroupsDotGoogleDotCom[] = "groups.google.com"; | |
| 95 static const char kMapsDotGoogleDotCom[] = "maps.google.com"; | |
| 96 static const char kWWWDotYoutubeDotCom[] = "www.youtube.com"; | |
| 97 static const char kDotGoogleUserContentDotCom[] = ".googleusercontent.com"; | |
| 98 static const char kGoogleReaderPathPrefix[] = "/reader/"; | |
| 99 static const char kGoogleSupportPathPrefix[] = "/support/"; | |
| 100 static const char kGoogleIntlPathPrefix[] = "/intl/"; | |
| 101 static const char kDotJS[] = ".js"; | |
| 102 static const char kDotCSS[] = ".css"; | |
| 103 static const char kDotSWF[] = ".swf"; | |
| 104 static const char kDotHTML[] = ".html"; | |
| 105 | |
| 106 // Constants for mixed-content blocking. | |
| 107 static const char kGoogleDotCom[] = "google.com"; | |
| 108 | |
| 109 static bool IsHostInDomain(const std::string& host, const std::string& domain) { | |
| 110 return (base::EndsWith(host, domain, base::CompareCase::INSENSITIVE_ASCII) && | |
| 111 (host.length() == domain.length() || | |
| 112 (host.length() > domain.length() && | |
| 113 host[host.length() - domain.length() - 1] == '.'))); | |
| 114 } | |
| 115 | |
| 116 GURL GetOriginOrURL(const WebFrame* frame) { | 45 GURL GetOriginOrURL(const WebFrame* frame) { |
| 117 WebString top_origin = frame->top()->securityOrigin().toString(); | 46 WebString top_origin = frame->top()->securityOrigin().toString(); |
| 118 // The |top_origin| is unique ("null") e.g., for file:// URLs. Use the | 47 // The |top_origin| is unique ("null") e.g., for file:// URLs. Use the |
| 119 // document URL as the primary URL in those cases. | 48 // document URL as the primary URL in those cases. |
| 120 // TODO(alexmos): This is broken for --site-per-process, since top() can be a | 49 // TODO(alexmos): This is broken for --site-per-process, since top() can be a |
| 121 // WebRemoteFrame which does not have a document(), and the WebRemoteFrame's | 50 // WebRemoteFrame which does not have a document(), and the WebRemoteFrame's |
| 122 // URL is not replicated. | 51 // URL is not replicated. |
| 123 if (top_origin == "null") | 52 if (top_origin == "null") |
| 124 return frame->top()->document().url(); | 53 return frame->top()->document().url(); |
| 125 return GURL(top_origin); | 54 return GURL(top_origin); |
| (...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 452 } | 381 } |
| 453 } | 382 } |
| 454 #endif | 383 #endif |
| 455 return allowed; | 384 return allowed; |
| 456 } | 385 } |
| 457 | 386 |
| 458 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { | 387 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { |
| 459 return IsPlatformApp() ? false : default_value; | 388 return IsPlatformApp() ? false : default_value; |
| 460 } | 389 } |
| 461 | 390 |
| 462 static void SendInsecureContentSignal(int signal) { | |
| 463 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, | |
| 464 INSECURE_CONTENT_NUM_EVENTS); | |
| 465 } | |
| 466 | |
| 467 bool ContentSettingsObserver::allowDisplayingInsecureContent( | 391 bool ContentSettingsObserver::allowDisplayingInsecureContent( |
| 468 bool allowed_per_settings, | 392 bool allowed_per_settings, |
| 469 const blink::WebSecurityOrigin& origin, | 393 const blink::WebSecurityOrigin& origin, |
| 470 const blink::WebURL& resource_url) { | 394 const blink::WebURL& resource_url) { |
| 471 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY); | |
| 472 | |
| 473 std::string origin_host(origin.host().utf8()); | |
| 474 WebFrame* frame = render_frame()->GetWebFrame(); | |
| 475 GURL frame_gurl(frame->document().url()); | |
| 476 if (IsHostInDomain(origin_host, kGoogleDotCom)) { | |
| 477 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE); | |
| 478 if (base::StartsWith(frame_gurl.path(), kGoogleSupportPathPrefix, | |
| 479 base::CompareCase::INSENSITIVE_ASCII)) { | |
| 480 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT); | |
| 481 } else if (base::StartsWith(frame_gurl.path(), kGoogleIntlPathPrefix, | |
| 482 base::CompareCase::INSENSITIVE_ASCII)) { | |
| 483 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL); | |
| 484 } | |
| 485 } | |
| 486 | |
| 487 if (origin_host == kWWWDotGoogleDotCom) { | |
| 488 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_WWW_GOOGLE); | |
| 489 if (base::StartsWith(frame_gurl.path(), kGoogleReaderPathPrefix, | |
| 490 base::CompareCase::INSENSITIVE_ASCII)) | |
| 491 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_READER); | |
| 492 } else if (origin_host == kMailDotGoogleDotCom) { | |
| 493 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_MAIL_GOOGLE); | |
| 494 } else if (origin_host == kPlusDotGoogleDotCom) { | |
| 495 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_PLUS_GOOGLE); | |
| 496 } else if (origin_host == kDocsDotGoogleDotCom) { | |
| 497 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_DOCS_GOOGLE); | |
| 498 } else if (origin_host == kSitesDotGoogleDotCom) { | |
| 499 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_SITES_GOOGLE); | |
| 500 } else if (origin_host == kPicasawebDotGoogleDotCom) { | |
| 501 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_PICASAWEB_GOOGLE); | |
| 502 } else if (origin_host == kCodeDotGoogleDotCom) { | |
| 503 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_CODE_GOOGLE); | |
| 504 } else if (origin_host == kGroupsDotGoogleDotCom) { | |
| 505 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GROUPS_GOOGLE); | |
| 506 } else if (origin_host == kMapsDotGoogleDotCom) { | |
| 507 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_MAPS_GOOGLE); | |
| 508 } else if (origin_host == kWWWDotYoutubeDotCom) { | |
| 509 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_YOUTUBE); | |
| 510 } | |
| 511 | |
| 512 GURL resource_gurl(resource_url); | |
| 513 if (base::EndsWith(resource_gurl.path(), kDotHTML, | |
| 514 base::CompareCase::INSENSITIVE_ASCII)) | |
| 515 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HTML); | |
| 516 | |
| 517 if (allowed_per_settings || allow_displaying_insecure_content_) | 395 if (allowed_per_settings || allow_displaying_insecure_content_) |
| 518 return true; | 396 return true; |
| 519 | |
| 520 Send(new ChromeViewHostMsg_DidBlockDisplayingInsecureContent(routing_id())); | 397 Send(new ChromeViewHostMsg_DidBlockDisplayingInsecureContent(routing_id())); |
|
alexmos
2016/01/09 01:39:02
Just curious, how does this still work once you ch
| |
| 521 | |
| 522 return false; | 398 return false; |
| 523 } | 399 } |
| 524 | 400 |
| 525 bool ContentSettingsObserver::allowRunningInsecureContent( | 401 bool ContentSettingsObserver::allowRunningInsecureContent( |
| 526 bool allowed_per_settings, | 402 bool allowed_per_settings, |
| 527 const blink::WebSecurityOrigin& origin, | 403 const blink::WebSecurityOrigin& origin, |
| 528 const blink::WebURL& resource_url) { | 404 const blink::WebURL& resource_url) { |
| 529 std::string origin_host(origin.host().utf8()); | |
| 530 WebFrame* frame = render_frame()->GetWebFrame(); | |
| 531 GURL frame_gurl(frame->document().url()); | |
| 532 DCHECK_EQ(frame_gurl.host(), origin_host); | |
| 533 | |
| 534 bool is_google = IsHostInDomain(origin_host, kGoogleDotCom); | |
| 535 if (is_google) { | |
| 536 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE); | |
| 537 if (base::StartsWith(frame_gurl.path(), kGoogleSupportPathPrefix, | |
| 538 base::CompareCase::INSENSITIVE_ASCII)) { | |
| 539 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT); | |
| 540 } else if (base::StartsWith(frame_gurl.path(), kGoogleIntlPathPrefix, | |
| 541 base::CompareCase::INSENSITIVE_ASCII)) { | |
| 542 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE_INTL); | |
| 543 } | |
| 544 } | |
| 545 | |
| 546 if (origin_host == kWWWDotGoogleDotCom) { | |
| 547 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_WWW_GOOGLE); | |
| 548 if (base::StartsWith(frame_gurl.path(), kGoogleReaderPathPrefix, | |
| 549 base::CompareCase::INSENSITIVE_ASCII)) | |
| 550 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE_READER); | |
| 551 } else if (origin_host == kMailDotGoogleDotCom) { | |
| 552 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_MAIL_GOOGLE); | |
| 553 } else if (origin_host == kPlusDotGoogleDotCom) { | |
| 554 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_PLUS_GOOGLE); | |
| 555 } else if (origin_host == kDocsDotGoogleDotCom) { | |
| 556 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_DOCS_GOOGLE); | |
| 557 } else if (origin_host == kSitesDotGoogleDotCom) { | |
| 558 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_SITES_GOOGLE); | |
| 559 } else if (origin_host == kPicasawebDotGoogleDotCom) { | |
| 560 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_PICASAWEB_GOOGLE); | |
| 561 } else if (origin_host == kCodeDotGoogleDotCom) { | |
| 562 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_CODE_GOOGLE); | |
| 563 } else if (origin_host == kGroupsDotGoogleDotCom) { | |
| 564 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GROUPS_GOOGLE); | |
| 565 } else if (origin_host == kMapsDotGoogleDotCom) { | |
| 566 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_MAPS_GOOGLE); | |
| 567 } else if (origin_host == kWWWDotYoutubeDotCom) { | |
| 568 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_YOUTUBE); | |
| 569 } else if (base::EndsWith(origin_host, kDotGoogleUserContentDotCom, | |
| 570 base::CompareCase::INSENSITIVE_ASCII)) { | |
| 571 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLEUSERCONTENT); | |
| 572 } | |
| 573 | |
| 574 GURL resource_gurl(resource_url); | |
| 575 if (resource_gurl.host() == kWWWDotYoutubeDotCom) | |
| 576 SendInsecureContentSignal(INSECURE_CONTENT_RUN_TARGET_YOUTUBE); | |
| 577 | |
| 578 if (base::EndsWith(resource_gurl.path(), kDotJS, | |
| 579 base::CompareCase::INSENSITIVE_ASCII)) | |
| 580 SendInsecureContentSignal(INSECURE_CONTENT_RUN_JS); | |
| 581 else if (base::EndsWith(resource_gurl.path(), kDotCSS, | |
| 582 base::CompareCase::INSENSITIVE_ASCII)) | |
| 583 SendInsecureContentSignal(INSECURE_CONTENT_RUN_CSS); | |
| 584 else if (base::EndsWith(resource_gurl.path(), kDotSWF, | |
| 585 base::CompareCase::INSENSITIVE_ASCII)) | |
| 586 SendInsecureContentSignal(INSECURE_CONTENT_RUN_SWF); | |
| 587 | |
| 588 if (!allow_running_insecure_content_ && !allowed_per_settings) { | 405 if (!allow_running_insecure_content_ && !allowed_per_settings) { |
| 589 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT, origin.host()); | 406 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT, origin.host()); |
| 590 return false; | 407 return false; |
| 591 } | 408 } |
| 592 | |
| 593 return true; | 409 return true; |
| 594 } | 410 } |
| 595 | 411 |
| 596 void ContentSettingsObserver::didNotAllowPlugins() { | 412 void ContentSettingsObserver::didNotAllowPlugins() { |
| 597 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); | 413 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); |
| 598 } | 414 } |
| 599 | 415 |
| 600 void ContentSettingsObserver::didNotAllowScript() { | 416 void ContentSettingsObserver::didNotAllowScript() { |
| 601 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); | 417 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); |
| 602 } | 418 } |
| (...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 724 | 540 |
| 725 // If the scheme is file:, an empty file name indicates a directory listing, | 541 // If the scheme is file:, an empty file name indicates a directory listing, |
| 726 // which requires JavaScript to function properly. | 542 // which requires JavaScript to function properly. |
| 727 if (base::EqualsASCII(protocol, url::kFileScheme)) { | 543 if (base::EqualsASCII(protocol, url::kFileScheme)) { |
| 728 return document_url.SchemeIs(url::kFileScheme) && | 544 return document_url.SchemeIs(url::kFileScheme) && |
| 729 document_url.ExtractFileName().empty(); | 545 document_url.ExtractFileName().empty(); |
| 730 } | 546 } |
| 731 | 547 |
| 732 return false; | 548 return false; |
| 733 } | 549 } |
| OLD | NEW |
