Safe Browsing: CheckApiBlacklist request implementation

components/safe_browsing_db/database_manager.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // The Safe Browsing service is responsible for downloading anti-phishing and
 // anti-malware tables and checking urls against them.
 
 #ifndef COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
 #define COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
 
 #include <deque>
 #include <map>
 #include <set>
 #include <string>
 #include <vector>
 
+#include "base/gtest_prod_util.h"
+#include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "components/safe_browsing_db/hit_report.h"
 #include "components/safe_browsing_db/util.h"
 #include "content/public/common/resource_type.h"
 #include "url/gurl.h"
 
 namespace net {
 class URLRequestContextGetter;
 }  // namespace net
 
@@ skipping 29 matching lines @@
     // Called when the result of checking the API blacklist is known.
     virtual void OnCheckApiBlacklistUrlResult(const GURL& url,
                                               const ThreatMetadata& metadata) {}
 
     // Called when the result of checking the resource blacklist is known.
     virtual void OnCheckResourceUrlResult(const GURL& url,
                                           SBThreatType threat_type,
                                           const std::string& threat_hash) {}
   };
 
+  // Bundled client info for an API abuse hash prefix check.
+  class SafeBrowsingApiCheck {

[Nathan Parker, 2016/04/15 23:14:29]

Does this class need to be public in SBDbMgr? External clients shouldn't need
it.

[kcarattini, 2016/04/18 06:56:56]

Done.

+   public:
+    SafeBrowsingApiCheck(const GURL& url,
+                         const std::vector<SBFullHash>& full_hashes,
+                         Client* client);
+    ~SafeBrowsingApiCheck();
+
+   private:
+    GURL url_;
+    std::vector<SBFullHash> full_hashes_;
+    // Not owned.
+    SafeBrowsingDatabaseManager::Client* client_;
+
+    DISALLOW_COPY_AND_ASSIGN(SafeBrowsingApiCheck);
+  };
 
   // Returns true if URL-checking is supported on this build+device.
   // If false, calls to CheckBrowseUrl may dcheck-fail.
   virtual bool IsSupported() const = 0;
 
   // Returns the ThreatSource for this implementation.
   virtual ThreatSource GetThreatSource() const = 0;
 
   // Returns true if checks are never done synchronously, and therefore
   // always have some latency.
@@ skipping 65 matching lines @@
   // an error occurs.  This method must be called on the IO thread.
   virtual bool MatchModuleWhitelistString(const std::string& str) = 0;
 
   // Check if the CSD malware IP matching kill switch is turned on.
   virtual bool IsMalwareKillSwitchOn() = 0;
 
   // Check if the CSD whitelist kill switch is turned on.
   virtual bool IsCsdWhitelistKillSwitchOn() = 0;
 
   // Called on the IO thread to cancel a pending check if the result is no
-  // longer needed.  Also called after the result has been handled.
+  // longer needed.  Also called after the result has been handled. Api checks
+  // are handled separately. To cancel an API check use CancelApiCheck.
   virtual void CancelCheck(Client* client) = 0;
 
+  // TODO(kcarattini): Add a CancelApiCheck method.
+
   // Called on the IO thread to check if the given url has blacklisted APIs.
   // "client" is called asynchronously with the result when it is ready.
   // This method has the same implementation for both the local and remote
   // database managers since it pings Safe Browsing servers directly without
-  // accessing the database at all.
-  virtual void CheckApiBlacklistUrl(const GURL& url, Client* client);
+  // accessing the database at all.  Returns true if we can synchronously
+  // determine that the url is safe. Otherwise it returns false, and "client" is
+  // called asynchronously with the result when it is ready.
+  virtual bool CheckApiBlacklistUrl(const GURL& url, Client* client);
+
+  // Called on the IO thread wheh the SafeBrowsingProtocolManager has received
+  // the full hash and api results for prefixes of the |url| argument in
+  // CheckApiBlacklistUrl.
+  virtual void HandleGetHashesWithApisResults(

[Nathan Parker, 2016/04/15 23:14:29]

protected?

[kcarattini, 2016/04/18 06:56:56]

Done.

+      std::shared_ptr<SafeBrowsingApiCheck> check,
+      const std::vector<SBFullHashResult>& full_hash_results,
+      const base::TimeDelta& negative_cache_duration);
 
   // Called to initialize objects that are used on the io_thread, such as the
   // v4 protocol manager.  This may be called multiple times during the life of
   // the DatabaseManager. Must be called on IO thread.
   virtual void StartOnIOThread(
       net::URLRequestContextGetter* request_context_getter,
       const V4ProtocolConfig& config);
 
   // Called to stop or shutdown operations on the io_thread.
   virtual void StopOnIOThread(bool shutdown);
 
  protected:
   SafeBrowsingDatabaseManager();
 
   virtual ~SafeBrowsingDatabaseManager();
 
   friend class base::RefCountedThreadSafe<SafeBrowsingDatabaseManager>;
 
-  // Created and destroyed via StartonIOThread/StopOnIOThread.
+  FRIEND_TEST_ALL_PREFIXES(SafeBrowsingDatabaseManagerTest,
+                           CheckApiBlacklistUrlPrefixes);
+
+  // Created and destroyed via StartOnIOThread/StopOnIOThread.
   V4GetHashProtocolManager* v4_get_hash_protocol_manager_;
 };  // class SafeBrowsingDatabaseManager
 
 }  // namespace safe_browsing
 
 #endif  // COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_