Support new Safe Browsing list "goog-badresource-shavar" in SafeBrowsingDatabase.

chrome/browser/safe_browsing/local_database_manager.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Safe Browsing Database Manager implementation that manages a local
 // database.  This is used by Desktop Chromium.
 
 #ifndef CHROME_BROWSER_SAFE_BROWSING_LOCAL_DATABASE_MANAGER_H_
 #define CHROME_BROWSER_SAFE_BROWSING_LOCAL_DATABASE_MANAGER_H_
 
@@ skipping 48 matching lines @@
     SafeBrowsingCheck(const std::vector<GURL>& urls,
                       const std::vector<SBFullHash>& full_hashes,
                       Client* client,
                       ListType check_type,
                       const std::vector<SBThreatType>& expected_threats);
     ~SafeBrowsingCheck();
 
     // Either |urls| or |full_hashes| is used to lookup database. |*_results|
     // are parallel vectors containing the results. They are initialized to
     // contain SB_THREAT_TYPE_SAFE.
+    // |url_hit_hash| and |url_metadata| are parallel vectors containing full
+    // hash and metadata of a database record provided the result. They are
+    // initialized to be empty strings.
     std::vector<GURL> urls;
     std::vector<SBThreatType> url_results;
     std::vector<std::string> url_metadata;
+    std::vector<std::string> url_hit_hash;

[Nathan Parker, 2016/02/16 21:42:00]

Why is this needed?

[veranika, 2016/02/17 15:37:54]

In the resource request incident report we don't report the specific resource
URL that triggered the incident, but the hash of the URL pattern. This is less
privacy intrusive and this way we can report evil.com only once even if multiple
scripts were loaded from evil.com.

     std::vector<SBFullHash> full_hashes;
     std::vector<SBThreatType> full_hash_results;
 
     SafeBrowsingDatabaseManager::Client* client;
     bool is_extended_reporting;
     bool need_get_hash;
     base::TimeTicks start;  // When check was sent to SB service.
     ListType check_type;  // See comment in constructor.
     std::vector<SBThreatType> expected_threats;
     std::vector<SBPrefix> prefix_hits;
@@ skipping 26 matching lines @@
   safe_browsing::ThreatSource GetThreatSource() const override;
   bool ChecksAreAlwaysAsync() const override;
   bool CanCheckResourceType(content::ResourceType resource_type) const override;
   bool CanCheckUrl(const GURL& url) const override;
 
   bool CheckBrowseUrl(const GURL& url, Client* client) override;
   bool CheckDownloadUrl(const std::vector<GURL>& url_chain,
                         Client* client) override;
   bool CheckExtensionIDs(const std::set<std::string>& extension_ids,
                          Client* client) override;
+  bool CheckResourceUrl(const GURL& url, Client* client) override;
   bool MatchCsdWhitelistUrl(const GURL& url) override;
   bool MatchMalwareIP(const std::string& ip_address) override;
   bool MatchDownloadWhitelistUrl(const GURL& url) override;
   bool MatchDownloadWhitelistString(const std::string& str) override;
   bool MatchInclusionWhitelistUrl(const GURL& url) override;
   bool IsMalwareKillSwitchOn() override;
   bool IsCsdWhitelistKillSwitchOn() override;
   void CancelCheck(Client* client) override;
   void StartOnIOThread() override;
   void StopOnIOThread(bool shutdown) override;
@@ skipping 150 matching lines @@
   void TimeoutCallback(SafeBrowsingCheck* check);
 
   // Calls the Client's callback on IO thread after CheckDownloadUrl finishes.
   void OnAsyncCheckDone(SafeBrowsingCheck* check,
                         const std::vector<SBPrefix>& prefix_hits);
 
   // Checks all extension ID hashes on |safe_browsing_task_runner_|.
   std::vector<SBPrefix> CheckExtensionIDsOnSBThread(
       const std::vector<SBPrefix>& prefixes);
 
+  // Checks all resource URL hashes on |safe_browsing_task_runner_|.
+  std::vector<SBPrefix> CheckResourceUrlOnSBThread(
+      const std::vector<SBPrefix>& prefixes);
+
   // Helper function that calls safe browsing client and cleans up |checks_|.
   void SafeBrowsingCheckDone(SafeBrowsingCheck* check);
 
   // Helper function to set |check| with default values and start a safe
   // browsing check with timeout of |timeout|. |task| will be called on
   // success, otherwise TimeoutCallback will be called.
   void StartSafeBrowsingCheck(
       SafeBrowsingCheck* check,
       const base::Callback<std::vector<SBPrefix>(void)>& task);
 
@@ skipping 39 matching lines @@
 
   // Indicate if the extension blacklist should be enabled.
   bool enable_extension_blacklist_;
 
   // Indicate if the csd malware IP blacklist should be enabled.
   bool enable_ip_blacklist_;
 
   // Indicate if the unwanted software blacklist should be enabled.
   bool enable_unwanted_software_blacklist_;
 
+  // Indicate if the resources blacklist should be enabled.
+  bool enable_resource_blacklist_;

[Nathan Parker, 2016/02/16 21:42:00]

Do you need this?  If you want a flag or a finch control, it might be better to
put it outside of database_manager code.

[veranika, 2016/02/17 15:37:54]

Probably I don't. I added it here mostly to be uniform with similar lists.
Deleted.

+
   // The sequenced task runner for running safe browsing database operations.
   scoped_refptr<base::SequencedTaskRunner> safe_browsing_task_runner_;
 
   // Indicates if we're currently in an update cycle.
   bool update_in_progress_;
 
   // When true, newly fetched chunks may not in the database yet since the
   // database is still updating.
   bool database_update_in_progress_;
 
   // Indicates if we're in the midst of trying to close the database.  If this
   // is true, nothing on the IO thread should access the database.
   bool closing_database_;
 
   std::deque<QueuedCheck> queued_checks_;
 
   // Timeout to use for safe browsing checks.
   base::TimeDelta check_timeout_;
 
   DISALLOW_COPY_AND_ASSIGN(LocalSafeBrowsingDatabaseManager);
 };  // class LocalSafeBrowsingDatabaseManager
 
 }  // namespace safe_browsing
 
 #endif  // CHROME_BROWSER_SAFE_BROWSING_LOCAL_DATABASE_MANAGER_H_