First experimental implementation of the Clear-Site-Data header

content/browser/browsing_data/clear_site_data_throttle.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/browsing_data/clear_site_data_throttle.h"
+
+#include "base/json/json_reader.h"
+#include "base/json/json_string_value_serializer.h"
+#include "base/strings/stringprintf.h"
+#include "base/values.h"
+#include "content/browser/frame_host/navigation_handle_impl.h"
+#include "content/public/browser/browser_context.h"
+#include "content/public/browser/content_browser_client.h"
+#include "content/public/browser/navigation_handle.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/common/content_client.h"
+#include "content/public/common/origin_util.h"
+#include "net/http/http_response_headers.h"
+#include "url/gurl.h"
+#include "url/origin.h"
+
+namespace content {
+
+namespace {
+
+static const char* kClearSiteDataHeader = "Clear-Site-Data";
+
+static const char* kTypesKey = "types";
+
+// Pretty-printed log output.
+static const char* kConsoleMessageFormat =
+    "Clear-Site-Data header on '%s': %s";
+static const char* kClearingOneType = "Clearing %s.";
+static const char* kClearingTwoTypes = "Clearing %s and %s.";
+static const char* kClearingThreeTypes = "Clearing %s, %s, and %s.";
+
+// Console logging. Adds a |text| message with |level| to |messages|.
+void ConsoleLog(std::vector<ClearSiteDataThrottle::ConsoleMessage>* messages,

[clamy, 2016/07/18 14:47:49]

@mkwst: Didn't you have a patch that enables this feature at the
NavigationHandle level? If we plan to have it used by several
WebContentsObservers and NavigationThrottles, this should be put in the
NavigationHandle.

[msramek, 2016/07/18 17:03:20]

For the record, it was this one: https://codereview.chromium.org/2101323002/ But
it's not landed yet.

If I can assume that it's close to the final state, I could commit it locally
and rebase on top of it to see how this CL is going to look like with it?

+                const std::string& text, ConsoleMessageLevel level) {
+  messages->push_back({text, level});
+}
+
+}  // namespace
+
+// static
+std::unique_ptr<NavigationThrottle>
+    ClearSiteDataThrottle::CreateThrottleFor(NavigationHandle* handle) {
+  return std::unique_ptr<NavigationThrottle>(new ClearSiteDataThrottle(handle));
+}
+
+ClearSiteDataThrottle::~ClearSiteDataThrottle() {}
+
+ClearSiteDataThrottle::ThrottleCheckResult
+    ClearSiteDataThrottle::WillStartRequest() {
+  current_url_ = navigation_handle()->GetURL();
+  return PROCEED;
+}
+
+ClearSiteDataThrottle::ThrottleCheckResult
+    ClearSiteDataThrottle::WillRedirectRequest() {
+  // We are processing a redirect from url1 to url2. GetResponseHeaders()
+  // contains headers from url1, but GetURL() is already equal to url2. Handle
+  // the headers before updating the URL, so that |current_url_| corresponds
+  // to the URL that sent the headers.
+  HandleHeader();
+  current_url_ = navigation_handle()->GetURL();
+
+  return PROCEED;
+}
+
+ClearSiteDataThrottle::ThrottleCheckResult
+    ClearSiteDataThrottle::WillProcessResponse() {
+  HandleHeader();
+
+  // Now that RenderFrameHost is ready, output the console messages.
+  for (const ConsoleMessage& message : messages_) {
+    navigation_handle()->GetRenderFrameHost()->AddMessageToConsole(

[clamy, 2016/07/18 14:47:49]

This won't work when the navigation is transferred. The messages will be
outputted to the wrong RFH. We plan to fix this, but the patches haven't landed
yet.

[msramek, 2016/07/18 17:03:20]

My original solution was actually using WebContentsObserver::DidFinishNavigation
- should I return to that solution?

Do you have estimates for when the fix comes in? And am I informed correctly
that this is only about web<->extension navigations?

[clamy, 2016/07/19 13:27:54]

WebContentsObserver::DidFinishNavigation will give you the correct
RenderFrameHost.

Currently this is only used for web<->extension navigations as part of isolated
extensions. The fix may take a few weeks to come in, since it's blocked on
landing 2 rather complex CLs.

[msramek, 2016/07/19 16:44:33]

Ok, then I guess it's better if we don't wait for it. I implemented the solution
with WebContentsObserver.

One thing that I found surprising though is that:
1. I have a navigation handle.
2. I take its WebContents and use a WebContentsObserver on it.
3. WebContentsObserver::DidFinishNavigation() passes me a navigation handle.
4. Expected: The handle in #3 is the same as in #1. Actual: Not always.

Is this also related to transfer navigations? I thought that it's the point of
the handle that it stays the same?

+        message.level,
+        base::StringPrintf(
+            kConsoleMessageFormat, navigation_handle()->GetURL().spec().c_str(),
+            message.text.c_str()));
+  }
+
+  return PROCEED;
+}
+
+ClearSiteDataThrottle::ClearSiteDataThrottle(NavigationHandle* handle)
+    : NavigationThrottle(handle) {}
+
+void ClearSiteDataThrottle::HandleHeader() {
+  NavigationHandleImpl* handle =
+      static_cast<NavigationHandleImpl*>(navigation_handle());
+
+  // Ignore file URL navigations, as those have no response headers.
+  if (current_url_.SchemeIsFile())
+    return;
+
+  // Only accept the header on secure origins.
+  if (!IsOriginSecure(current_url_)) {
+    ConsoleLog(&messages_,
+               "Not supported for insecure origins.",
+               CONSOLE_MESSAGE_LEVEL_ERROR);
+    return;
+  }
+
+  // Extract the instances of the header and parse them.
+  size_t iter = 0;
+  std::string header_name;
+  std::string header_value;
+  while (handle->GetResponseHeaders()->EnumerateHeaderLines(
+      &iter, &header_name, &header_value)) {
+    if (header_name != kClearSiteDataHeader)
+      continue;
+
+    bool clear_cookies;
+    bool clear_storage;
+    bool clear_cache;
+
+    if (!ParseHeader(header_value, &clear_cookies, &clear_storage, &clear_cache,
+                     &messages_)) {
+      continue;
+    }
+
+    // If the header is valid, clear the data for this browser context
+    // and origin.
+    BrowserContext* browser_context =
+        handle->GetWebContents()->GetBrowserContext();
+    url::Origin origin(current_url_);
+
+    GetContentClient()->browser()->ClearSiteData(
+        browser_context, origin, clear_cookies, clear_storage, clear_cache);
+  }
+}
+
+bool ClearSiteDataThrottle::ParseHeader(
+    const std::string& header,
+    bool* clear_cookies, bool* clear_storage, bool* clear_cache,
+    std::vector<ConsoleMessage>* messages) {
+  std::unique_ptr<base::Value> parsed_header =
+      base::JSONReader::Read(header);
+
+  if (!parsed_header) {
+    ConsoleLog(messages,
+               base::StringPrintf("%s is not a valid JSON.", header.c_str()),
+               CONSOLE_MESSAGE_LEVEL_ERROR);
+    return false;
+  }
+
+  const base::ListValue* types = nullptr;
+  if (!parsed_header->GetAsDictionary(nullptr) ||
+      !static_cast<base::DictionaryValue*>(parsed_header.get())
+          ->GetListWithoutPathExpansion(kTypesKey, &types)) {
+    ConsoleLog(messages,
+               base::StringPrintf(
+                   "%s is not a JSON dictionary with a 'types' field.",
+                   header.c_str()),
+               CONSOLE_MESSAGE_LEVEL_ERROR);
+    return false;
+  }
+
+  DCHECK(types);
+
+  *clear_cookies = false;
+  *clear_storage = false;
+  *clear_cache = false;
+
+  std::vector<std::string> type_names;
+  for (const std::unique_ptr<base::Value>& value : *types) {
+    std::string type;
+    value->GetAsString(&type);
+
+    bool* datatype = nullptr;
+
+    if (type == "cookies") {
+      datatype = clear_cookies;
+    } else if (type == "storage") {
+      datatype = clear_storage;
+    } else if (type == "cache") {
+      datatype = clear_cache;
+    } else {
+      std::string serialized_type;
+      JSONStringValueSerializer serializer(&serialized_type);
+      serializer.Serialize(*value);
+      ConsoleLog(messages,
+                 base::StringPrintf("Invalid type: %s.",
+                                    serialized_type.c_str()),
+                 CONSOLE_MESSAGE_LEVEL_ERROR);
+      continue;
+    }
+
+    // Each data type should only be processed once.
+    DCHECK(datatype);
+    if (*datatype)
+      continue;
+
+    *datatype = true;
+    type_names.push_back(type);
+  }
+
+  if (!*clear_cookies && !*clear_storage && !*clear_cache) {
+    ConsoleLog(messages,
+               base::StringPrintf(
+                   "No valid types specified in %s.", header.c_str()),
+               CONSOLE_MESSAGE_LEVEL_ERROR);
+    return false;
+  }
+
+  // Pretty-print which types are to be cleared.
+  std::string output;
+  switch (type_names.size()) {
+    case 1:
+      output = base::StringPrintf(kClearingOneType, type_names[0].c_str());
+      break;
+    case 2:
+      output = base::StringPrintf(
+          kClearingTwoTypes, type_names[0].c_str(), type_names[1].c_str());
+      break;
+    case 3:
+      output = base::StringPrintf(
+          kClearingThreeTypes,
+          type_names[0].c_str(), type_names[1].c_str(), type_names[2].c_str());
+      break;
+    default:
+      NOTREACHED();
+  }
+  ConsoleLog(messages, output, CONSOLE_MESSAGE_LEVEL_LOG);
+
+  return true;
+}
+
+}  // namespace content