OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ | 5 #ifndef CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ |
6 #define CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ | 6 #define CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <memory> | 9 #include <memory> |
10 | 10 |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/gtest_prod_util.h" | 12 #include "base/gtest_prod_util.h" |
| 13 #include "base/synchronization/lock.h" |
13 #include "chrome/common/safe_browsing/download_file_types.pb.h" | 14 #include "chrome/common/safe_browsing/download_file_types.pb.h" |
14 | 15 |
15 namespace safe_browsing { | 16 namespace safe_browsing { |
16 | 17 |
| 18 struct FileTypePoliciesSingletonTrait; |
| 19 |
17 // This holds a list of file types (aka file extensions) that we know about, | 20 // This holds a list of file types (aka file extensions) that we know about, |
18 // with policies related to how Safe Browsing and the download UI should treat | 21 // with policies related to how Safe Browsing and the download UI should treat |
19 // them. | 22 // them. |
20 // | 23 // |
21 // The data to populate it is read from a ResourceBundle and then also | 24 // The data to populate it is read from a ResourceBundle and then also |
22 // fetched periodically from Google to get the most up-to-date policies. | 25 // fetched periodically from Google to get the most up-to-date policies. |
23 // | 26 // |
24 // It should be setup and accessed on IO thread. | 27 // This is thread safe. We assume it is updated at most every few hours. |
25 | |
26 // TODO(nparker): Replace the following methods' contents with calls to | |
27 // g_browser_process->safe_browsing_service()->file_type_policies()->***. | |
28 // | |
29 // bool IsSupportedBinaryFile(const base::FilePath& file); | |
30 // bool IsArchiveFile(const base::FilePath& file); | |
31 // ClientDownloadRequest::DownloadType GetDownloadType( | |
32 // const base::FilePath& file); | |
33 // int GetSBClientDownloadTypeValueForUMA(const base::FilePath& file); | |
34 // bool IsAllowedToOpenAutomatically(const base::FilePath& path); | |
35 // DownloadDangerLevel GetFileDangerLevel(const base::FilePath& path); | |
36 | 28 |
37 class FileTypePolicies { | 29 class FileTypePolicies { |
38 public: | 30 public: |
39 // Creator must call one of Populate* before calling other methods. | |
40 FileTypePolicies(); | |
41 virtual ~FileTypePolicies(); | 31 virtual ~FileTypePolicies(); |
42 | 32 |
43 // Read data from the main ResourceBundle. This updates the internal list | 33 static FileTypePolicies* GetInstance(); // Singleton |
44 // only if the data passes integrity checks. This is normally called once | |
45 // after construction. | |
46 void PopulateFromResourceBundle(); | |
47 | 34 |
48 // Update the internal list from a binary proto fetched from the network. | 35 // Update the internal list from a binary proto fetched from the network. |
49 // Same integrity checks apply. This can be called multiple times with new | 36 // Same integrity checks apply. This can be called multiple times with new |
50 // protos. | 37 // protos. |
51 void PopulateFromDynamicUpdate(const std::string& binary_pb); | 38 void PopulateFromDynamicUpdate(const std::string& binary_pb); |
52 | 39 |
| 40 // |
| 41 // Static Utils |
| 42 // |
| 43 |
| 44 // Returns the final extension with the leading dot, after stripping |
| 45 // trailing dots and spaces. It is difference from FilePath::Extension() |
| 46 // and FilePath::FinalExtension(). |
| 47 // TODO(nparker): Consolidate. Maybe add this code to FinalExtension(). |
| 48 static base::FilePath::StringType GetFileExtension( |
| 49 const base::FilePath& file); |
| 50 |
| 51 // |
53 // Accessors | 52 // Accessors |
54 const DownloadFileType& PolicyForFile(const base::FilePath& file); | 53 // |
55 const DownloadFileType::PlatformSettings& SettingsForFile( | 54 DownloadFileType PolicyForFile(const base::FilePath& file) const; |
56 const base::FilePath& file); | 55 DownloadFileType::PlatformSettings SettingsForFile( |
57 int64_t UmaValueForFile(const base::FilePath& file); | 56 const base::FilePath& file) const; |
58 bool IsFileAnArchive(const base::FilePath& file); | 57 bool IsArchiveFile(const base::FilePath& file) const; |
| 58 |
| 59 // SBClientDownloadExtensions UMA histogram bucket for this file's type. |
| 60 int64_t UmaValueForFile(const base::FilePath& file) const; |
| 61 |
| 62 // True if download protection should send a ping to check |
| 63 // this type of file. |
| 64 bool IsCheckedBinaryFile(const base::FilePath& file) const; |
| 65 |
59 float SampledPingProbability() const; | 66 float SampledPingProbability() const; |
60 | 67 |
61 protected: | 68 protected: |
| 69 // Creator must call one of Populate* before calling other methods. |
| 70 FileTypePolicies(); |
| 71 |
62 // Used in metrics, do not reorder. | 72 // Used in metrics, do not reorder. |
63 enum class UpdateResult { | 73 enum class UpdateResult { |
64 SUCCESS = 1, | 74 SUCCESS = 1, |
65 FAILED_EMPTY = 2, | 75 FAILED_EMPTY = 2, |
66 FAILED_PROTO_PARSE = 3, | 76 FAILED_PROTO_PARSE = 3, |
67 FAILED_DELTA_CHECK = 4, | 77 FAILED_DELTA_CHECK = 4, |
68 FAILED_VERSION_CHECK = 5, | 78 FAILED_VERSION_CHECK = 5, |
69 FAILED_DEFAULT_SETTING_SET = 6, | 79 FAILED_DEFAULT_SETTING_SET = 6, |
70 FAILED_WRONG_SETTINGS_COUNT = 7, | 80 FAILED_WRONG_SETTINGS_COUNT = 7, |
71 }; | 81 }; |
72 | 82 |
73 // Read data from an serialized protobuf and update the internal list | 83 // Read data from an serialized protobuf and update the internal list |
74 // only if it passes integrity checks. | 84 // only if it passes integrity checks. |
75 virtual UpdateResult PopulateFromBinaryPb(const std::string& binary_pb); | 85 virtual UpdateResult PopulateFromBinaryPb(const std::string& binary_pb); |
76 | 86 |
77 // Fetch the blob from the main resource bundle. | 87 // Fetch the blob from the main resource bundle. |
78 virtual void ReadResourceBundle(std::string* binary_pb); | 88 virtual void ReadResourceBundle(std::string* binary_pb); |
79 | 89 |
80 // Record the result of an update attempt. | 90 // Record the result of an update attempt. |
81 virtual void RecordUpdateMetrics(UpdateResult result, | 91 virtual void RecordUpdateMetrics(UpdateResult result, |
82 const std::string& src_name); | 92 const std::string& src_name); |
83 | 93 |
84 // Return the ASCII lowercase extension w/o leading dot, or empty. | 94 // Return the ASCII lowercase extension w/o leading dot, or empty. |
85 static std::string CanonicalizedExtension(const base::FilePath& file); | 95 static std::string CanonicalizedExtension(const base::FilePath& file); |
86 | 96 |
| 97 // Look up the policy for a given ASCII ext. |
| 98 virtual const DownloadFileType& PolicyForExtension( |
| 99 const std::string& ext) const; |
| 100 |
87 private: | 101 private: |
| 102 // Read data from the main ResourceBundle. This updates the internal list |
| 103 // only if the data passes integrity checks. This is normally called once |
| 104 // after construction. |
| 105 void PopulateFromResourceBundle(); |
| 106 |
88 // The latest config we've committed. Starts out null. | 107 // The latest config we've committed. Starts out null. |
| 108 // Protected by lock_. |
89 std::unique_ptr<DownloadFileTypeConfig> config_; | 109 std::unique_ptr<DownloadFileTypeConfig> config_; |
90 | 110 |
91 // This references entries in config_. | 111 // This references entries in config_. |
| 112 // Protected by lock_. |
92 std::map<std::string, const DownloadFileType*> file_type_by_ext_; | 113 std::map<std::string, const DownloadFileType*> file_type_by_ext_; |
93 | 114 |
94 // Type used if we can't load from disk. | 115 // Type used if we can't load from disk. |
| 116 // Written only in the constructor. |
95 DownloadFileType last_resort_default_; | 117 DownloadFileType last_resort_default_; |
96 | 118 |
| 119 mutable base::Lock lock_; |
| 120 |
97 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, UnpackResourceBundle); | 121 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, UnpackResourceBundle); |
98 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, BadProto); | 122 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, BadProto); |
99 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, BadUpdateFromExisting); | 123 FRIEND_TEST_ALL_PREFIXES(FileTypePoliciesTest, BadUpdateFromExisting); |
| 124 |
| 125 friend struct FileTypePoliciesSingletonTrait; |
100 }; | 126 }; |
101 | 127 |
102 } // namespace safe_browsing | 128 } // namespace safe_browsing |
103 | 129 |
104 #endif // CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ | 130 #endif // CHROME_COMMON_SAFE_BROWSING_FILE_TYPE_POLICIES_H_ |
OLD | NEW |