[ON HOLD] Implement pull-based design for content decoding

net/filter/sdch_policy_delegate.cc

Index: net/filter/sdch_policy_delegate.cc
diff --git a/net/filter/sdch_policy_delegate.cc b/net/filter/sdch_policy_delegate.cc
new file mode 100644
index 0000000000000000000000000000000000000000..5bb2b2565629979a8367187075888540950d01fd
--- /dev/null
+++ b/net/filter/sdch_policy_delegate.cc
@@ -0,0 +1,174 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/filter/sdch_policy_delegate.h"
+
+#include "base/metrics/histogram_macros.h"
+#include "base/values.h"
+#include "net/base/sdch_net_log_params.h"
+#include "net/filter/sdch_source_stream.h"
+
+namespace net {
+
+namespace {
+
+const char kRefreshHtml[] =
+    "<head><META HTTP-EQUIV=\"Refresh\" CONTENT=\"0\"></head>";
+
+}  // namespace
+
+SdchPolicyDelegate::SdchPolicyDelegate(std::unique_ptr<Context> context)
+    : dictionary_requested_(false), context_(std::move(context)) {}
+
+SdchPolicyDelegate::~SdchPolicyDelegate() {}
+
+// Dictionary errors are often the first indication that the SDCH stream has
+// become corrupt. There are many possible causes: non-200 response codes, a
+// cached non-SDCH-ified reply, the server opting not to use SDCH, a cached
+// SDCH-ified reply for which the SdchManager did not have the dictionary, a
+// corrupted response, or a response that claims to be SDCH but isn't actually.
+// These are handled here by issuing a meta-refresh or swapping to passthrough
+// mode if appropriate, or failing the request if the error is unrecoverable.
+bool SdchPolicyDelegate::OnDictionaryError(SdchSourceStream* source) {
+  // HTTP 404 might be an unencoded error page, so if decoding failed, pass it
+  // through.
+  // TODO(xunjieli): Figure out whether this special case can be removed.
+  // crbug.com/516773.
+  if (context_->GetResponseCode() == 404) {
+    source->StopDecoding();
+    LogSdchProblem(SDCH_PASS_THROUGH_404_CODE);
+    return true;
+  }
+
+  // HTTP !200 gets a meta-refresh for HTML and a hard failure otherwise.
+  if (context_->GetResponseCode() != 200)
+    return IssueMetaRefreshIfPossible(source);
+
+  // If this is a cached result and the source hasn't requested a dictionary, it
+  // probably never had a dictionary to begin and is an unencoded response from
+  // earlier. If the source has requested a dictionary, but there was still a
+  // dictionary error, then the SdchManager does not have it so this method
+  // needs to issue a meta-refresh to get it.
+  if (context_->IsCachedContent() && !dictionary_requested_) {
+    source->StopDecoding();
+    LogSdchProblem(SDCH_PASS_THROUGH_OLD_CACHED);
+    return true;
+  }
+
+  // Ow. The original request didn't advertise any dictionaries, but the
+  // response claimed to be SDCH, but did not have a plausible dictionary hash.
+  // There is no way to repair this situation: the original request already
+  // didn't advertise any dictionaries, and retrying it would likely have the
+  // same result. Blacklist the domain and try passing through.
+  if (!context_->SdchDictionariesAdvertised() && !dictionary_requested_) {
+    GURL url;
+    if (!context_->GetURL(&url))
+      return false;
+    source->StopDecoding();
+    context_->GetSdchManager()->BlacklistDomain(url,
+                                                SDCH_PASSING_THROUGH_NON_SDCH);
+    return true;
+  }
+
+  return IssueMetaRefreshIfPossible(source);
+}
+
+bool SdchPolicyDelegate::OnDecodingError(SdchSourceStream* source) {
+  // A decoding error, as opposed to a dictionary error, indicates a
+  // decompression failure partway through the payload of the SDCH stream,
+  // which means that the filter already witnessed a valid dictionary ID and
+  // successfully retrieved a dictionary for it. Decoding errors are not
+  // recoverable and it is not appropriate to stop decoding, so there are
+  // relatively few error cases here.
+  //
+  // In particular, a decoding error for an HTML payload is recoverable by
+  // issuing a meta-refresh, but to avoid having that happen too often, this
+  // class also temporarily blacklists the domain. A decoding error for a
+  // non-HTML payload is unrecoverable, so such an error gets a permanent
+  // blacklist entry. If the content was cached, no blacklisting is needed.
+  return IssueMetaRefreshIfPossible(source);
+}
+
+bool SdchPolicyDelegate::OnGetDictionary(const std::string& server_id,
+                                         const std::string** text) {
+  dictionary_requested_ = true;
+  SdchManager::DictionarySet* set = context_->SdchDictionariesAdvertised();
+  if (set) {
+    *text = set->GetDictionaryText(server_id);
+    if (*text)
+      return true;
+  }
+  GURL url;
+  if (!context_->GetURL(&url))
+    return false;
+  // This is a hack. Naively, the dictionaries available for
+  // decoding should be only the ones advertised. However, there are
+  // cases, specifically resources encoded with old dictionaries living
+  // in the cache, that mean the full set of dictionaries should be made
+  // available for decoding. It's not known how often this happens;
+  // if it happens rarely enough, this code can be removed.
+  //
+  // TODO(rdsmith): Long-term, a better solution is necessary, since
+  // an entry in the cache being encoded with the dictionary doesn't
+  // guarantee that the dictionary is present. That solution probably
+  // involves storing unencoded resources in the cache, but might
+  // involve evicting encoded resources on dictionary removal.
+  // See http://crbug.com/383405.
+  SdchProblemCode rv = SDCH_OK;
+  unexpected_dictionary_set_ =
+      context_->GetSdchManager()->GetDictionarySetByHash(url, server_id, &rv);
+  if (unexpected_dictionary_set_) {
+    *text = unexpected_dictionary_set_->GetDictionaryText(server_id);
+    LogSdchProblem(context_->IsCachedContent()
+                       ? SDCH_UNADVERTISED_DICTIONARY_USED_CACHED
+                       : SDCH_UNADVERTISED_DICTIONARY_USED);
+    if (*text)
+      return true;
+  } else {
+    LogSdchProblem(SDCH_DICTIONARY_HASH_NOT_FOUND);
+  }
+  return false;
+}
+
+bool SdchPolicyDelegate::IssueMetaRefreshIfPossible(SdchSourceStream* source) {
+  std::string mime_type;
+  GURL url;
+  if (!context_->GetMimeType(&mime_type) || !context_->GetURL(&url))
+    return false;
+  SdchManager* manager = context_->GetSdchManager();
+
+  // Errors for non-HTML payloads are unrecoverable and get the domain
+  // blacklisted indefinitely.
+  if (mime_type.npos == mime_type.find("text/html")) {
+    SdchProblemCode problem =
+        (context_->IsCachedContent() ? SDCH_CACHED_META_REFRESH_UNSUPPORTED
+                                     : SDCH_META_REFRESH_UNSUPPORTED);
+    manager->BlacklistDomainForever(url, problem);
+    LogSdchProblem(problem);
+    return false;
+  }
+
+  if (context_->IsCachedContent()) {
+    // Cached content is a probably startup tab, so just get the fresh content
+    // and try again, without disabling SDCH.
+    LogSdchProblem(SDCH_META_REFRESH_CACHED_RECOVERY);
+  } else {
+    // Since it wasn't in the cache, blacklist for some period to get the
+    // correct content.
+    manager->BlacklistDomain(url, SDCH_META_REFRESH_RECOVERY);
+    LogSdchProblem(SDCH_META_REFRESH_RECOVERY);
+  }
+
+  source->ReplaceOutput(kRefreshHtml, strlen(kRefreshHtml));
+  return true;
+}
+
+void SdchPolicyDelegate::LogSdchProblem(SdchProblemCode problem) {
+  SdchManager::SdchErrorRecovery(problem);
+  context_->GetNetLog().AddEvent(
+      NetLog::TYPE_SDCH_DECODING_ERROR,
+      base::Bind(&NetLogSdchResourceProblemCallback, problem));
+}
+
+}  // namespace net