Safe Browsing: CheckApiBlacklist request implementation

components/safe_browsing_db/database_manager.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // The Safe Browsing service is responsible for downloading anti-phishing and
 // anti-malware tables and checking urls against them.
 
 #ifndef COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
 #define COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
 
 #include <deque>
 #include <map>
 #include <set>
 #include <string>
 #include <vector>
 
+#include "base/gtest_prod_util.h"
+#include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "components/safe_browsing_db/hit_report.h"
 #include "components/safe_browsing_db/util.h"
 #include "content/public/common/resource_type.h"
 #include "url/gurl.h"
 
 namespace net {
 class URLRequestContextGetter;
 }  // namespace net
 
@@ skipping 29 matching lines @@
     // Called when the result of checking the API blacklist is known.
     virtual void OnCheckApiBlacklistUrlResult(const GURL& url,
                                               const ThreatMetadata& metadata) {}
 
     // Called when the result of checking the resource blacklist is known.
     virtual void OnCheckResourceUrlResult(const GURL& url,
                                           SBThreatType threat_type,
                                           const std::string& threat_hash) {}
   };
 
+  // Bundled client info for an API abuse hash prefix check.
+  struct SafeBrowsingApiCheck {

[Nathan Parker, 2016/04/11 16:28:50]

This could be a class, since you've got public and private sections.

[kcarattini, 2016/04/12 01:27:02]

Done.

+   public:
+    SafeBrowsingApiCheck(const GURL& url,
+                         const std::vector<SBFullHash>& full_hashes,
+                         Client* client);
+    ~SafeBrowsingApiCheck();
+
+   private:
+    GURL url;
+    std::vector<SBFullHash> full_hashes;
+    SafeBrowsingDatabaseManager::Client* client;

[Nathan Parker, 2016/04/11 16:28:50]

 // Not owned

[kcarattini, 2016/04/12 01:27:02]

Done.

+
+    DISALLOW_COPY_AND_ASSIGN(SafeBrowsingApiCheck);
+  };
 
   // Returns true if URL-checking is supported on this build+device.
   // If false, calls to CheckBrowseUrl may dcheck-fail.
   virtual bool IsSupported() const = 0;
 
   // Returns the ThreatSource for this implementation.
   virtual ThreatSource GetThreatSource() const = 0;
 
   // Returns true if checks are never done synchronously, and therefore
   // always have some latency.
@@ skipping 66 matching lines @@
   virtual bool MatchModuleWhitelistString(const std::string& str) = 0;
 
   // Check if the CSD malware IP matching kill switch is turned on.
   virtual bool IsMalwareKillSwitchOn() = 0;
 
   // Check if the CSD whitelist kill switch is turned on.
   virtual bool IsCsdWhitelistKillSwitchOn() = 0;
 
   // Called on the IO thread to cancel a pending check if the result is no
   // longer needed.  Also called after the result has been handled.
   virtual void CancelCheck(Client* client) = 0;

[Nathan Parker, 2016/04/11 16:28:50]

Does this apply to CheckAPIBlacklistUrl clients?

[kcarattini, 2016/04/12 01:27:02]

There's no functionality for it at the moment but it could be added. I can't
think of a time when it would be necessary. What do you think?

[Nathan Parker, 2016/04/12 04:35:49]

What happens if the caller (who owns the Client) needs to get deleted before the
callback is invoked?  I think we need some way for it to say "nevermind, don't
call me back."  I could be a CancelApiClient(). In that case you could use
something other than the Client signature.  I think Client could be split into
several different signatures, one for each set of parameters. That'd be cleaner
in that you'd know that your Client doesn't need to support the other types. 

[kcarattini, 2016/04/12 07:47:49]

I've added a TODO to add a CancelApiCheck method.

 
   // Called on the IO thread to check if the given url has blacklisted APIs.
   // "client" is called asynchronously with the result when it is ready.
   // This method has the same implementation for both the local and remote
   // database managers since it pings Safe Browsing servers directly without
-  // accessing the database at all.
-  virtual void CheckApiBlacklistUrl(const GURL& url, Client* client);
+  // accessing the database at all.  Returns true if we can synchronously
+  // determine that the url is safe. Otherwise it returns false, and "client" is
+  // called asynchronously with the result when it is ready.
+  virtual bool CheckApiBlacklistUrl(const GURL& url, Client* client);
+
+  // Called on the IO thread wheh the SafeBrowsingProtocolManager has received
+  // the full hash and api results for prefixes of the |url| argument in
+  // CheckApiBlacklistUrl.
+  virtual void HandleGetHashesWithApisResults(SafeBrowsingApiCheck* check,
+    const std::vector<SBFullHashResult>& full_hash_results,
+    const base::TimeDelta& negative_cache_duration);
 
   // Called to initialize objects that are used on the io_thread, such as the
   // v4 protocol manager.  This may be called multiple times during the life of
   // the DatabaseManager. Must be called on IO thread.
   virtual void StartOnIOThread(
       net::URLRequestContextGetter* request_context_getter,
       const V4ProtocolConfig& config);
 
   // Called to stop or shutdown operations on the io_thread.
   virtual void StopOnIOThread(bool shutdown);
 
  protected:
   SafeBrowsingDatabaseManager();
 
   virtual ~SafeBrowsingDatabaseManager();
 
   friend class base::RefCountedThreadSafe<SafeBrowsingDatabaseManager>;
 
-  // Created and destroyed via StartonIOThread/StopOnIOThread.
+  FRIEND_TEST_ALL_PREFIXES(SafeBrowsingDatabaseManagerTest,
+                           CheckApiBlacklistUrlPrefixes);
+
+  // Created and destroyed via StartOnIOThread/StopOnIOThread.
   V4GetHashProtocolManager* v4_get_hash_protocol_manager_;
 };  // class SafeBrowsingDatabaseManager
 
 }  // namespace safe_browsing
 
 #endif  // COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_