Add token field to ClientSafeBrowsingReportReqeust

chrome/browser/safe_browsing/download_protection_service.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include <stddef.h>
 
 #include <memory>
 
@@ skipping 261 matching lines @@
 
 class DownloadProtectionService::CheckClientDownloadRequest
     : public base::RefCountedThreadSafe<
           DownloadProtectionService::CheckClientDownloadRequest,
           BrowserThread::DeleteOnUIThread>,
       public net::URLFetcherDelegate,
       public content::DownloadItem::Observer {
  public:
   CheckClientDownloadRequest(
       content::DownloadItem* item,
-      const CheckDownloadCallback& callback,
+      const CheckDownloadContentCallback& callback,
       DownloadProtectionService* service,
       const scoped_refptr<SafeBrowsingDatabaseManager>& database_manager,
       BinaryFeatureExtractor* binary_feature_extractor)
       : item_(item),
         url_chain_(item->GetUrlChain()),
         referrer_url_(item->GetReferrerUrl()),
         tab_url_(item->GetTabUrl()),
         tab_referrer_url_(item->GetTabReferrerUrl()),
         archived_executable_(false),
         archive_is_valid_(ArchiveValid::UNSET),
@@ skipping 122 matching lines @@
     if (fetcher_.get()) {
       // The DownloadProtectionService is going to release its reference, so we
       // might be destroyed before the URLFetcher completes.  Cancel the
       // fetcher so it does not try to invoke OnURLFetchComplete.
       fetcher_.reset();
     }
     // Note: If there is no fetcher, then some callback is still holding a
     // reference to this object.  We'll eventually wind up in some method on
     // the UI thread that will call FinishRequest() again.  If FinishRequest()
     // is called a second time, it will be a no-op.
-    FinishRequest(UNKNOWN, REASON_REQUEST_CANCELED);
+    FinishRequest(UNKNOWN, REASON_REQUEST_CANCELED, base::EmptyString());
     // Calling FinishRequest might delete this object, we may be deleted by
     // this point.
   }
 
   // content::DownloadItem::Observer implementation.
   void OnDownloadDestroyed(content::DownloadItem* download) override {
     Cancel();
     DCHECK(item_ == NULL);
   }
 
   // From the net::URLFetcherDelegate interface.
   void OnURLFetchComplete(const net::URLFetcher* source) override {
     DCHECK_CURRENTLY_ON(BrowserThread::UI);
     DCHECK_EQ(source, fetcher_.get());
     DVLOG(2) << "Received a response for URL: "
              << item_->GetUrlChain().back() << ": success="
              << source->GetStatus().is_success() << " response_code="
              << source->GetResponseCode();
     if (source->GetStatus().is_success()) {
       UMA_HISTOGRAM_SPARSE_SLOWLY(
           "SBClientDownload.DownloadRequestResponseCode",
           source->GetResponseCode());
     }
     UMA_HISTOGRAM_SPARSE_SLOWLY(
         "SBClientDownload.DownloadRequestNetError",
         -source->GetStatus().error());
     DownloadCheckResultReason reason = REASON_SERVER_PING_FAILED;
     DownloadCheckResult result = UNKNOWN;
+    std::string token;
     if (source->GetStatus().is_success() &&
         net::HTTP_OK == source->GetResponseCode()) {
       ClientDownloadResponse response;
       std::string data;
       bool got_data = source->GetResponseAsString(&data);
       DCHECK(got_data);
       if (!response.ParseFromString(data)) {
         reason = REASON_INVALID_RESPONSE_PROTO;
         result = UNKNOWN;
       } else if (response.verdict() == ClientDownloadResponse::SAFE) {
         reason = REASON_DOWNLOAD_SAFE;
         result = SAFE;
       } else if (service_ && !service_->IsSupportedDownload(
           *item_, item_->GetTargetFilePath())) {
         // The client of the download protection service assumes that we don't
         // support this download so we cannot return any other verdict than
         // UNKNOWN even if the server says it's dangerous to download this file.
         // Note: if service_ is NULL we already cancelled the request and
         // returned UNKNOWN.
         reason = REASON_DOWNLOAD_NOT_SUPPORTED;
         result = UNKNOWN;
       } else if (response.verdict() == ClientDownloadResponse::DANGEROUS) {
         reason = REASON_DOWNLOAD_DANGEROUS;
         result = DANGEROUS;
+        token = response.has_token() ? response.token() : base::EmptyString();
       } else if (response.verdict() == ClientDownloadResponse::UNCOMMON) {
         reason = REASON_DOWNLOAD_UNCOMMON;
         result = UNCOMMON;
+        token = response.has_token() ? response.token() : base::EmptyString();
       } else if (response.verdict() == ClientDownloadResponse::DANGEROUS_HOST) {
         reason = REASON_DOWNLOAD_DANGEROUS_HOST;
         result = DANGEROUS_HOST;
+        token = response.has_token() ? response.token() : base::EmptyString();
       } else if (
           response.verdict() == ClientDownloadResponse::POTENTIALLY_UNWANTED) {
         reason = REASON_DOWNLOAD_POTENTIALLY_UNWANTED;
         result = POTENTIALLY_UNWANTED;
+        token = response.has_token() ? response.token() : base::EmptyString();
       } else {
         LOG(DFATAL) << "Unknown download response verdict: "
                     << response.verdict();
         reason = REASON_INVALID_RESPONSE_VERDICT;
         result = UNKNOWN;
       }
       DownloadFeedbackService::MaybeStorePingsForDownload(
           result, item_, client_download_request_data_, data);
     }
     // We don't need the fetcher anymore.
     fetcher_.reset();
     UMA_HISTOGRAM_TIMES("SBClientDownload.DownloadRequestDuration",
                         base::TimeTicks::Now() - start_time_);
     UMA_HISTOGRAM_TIMES("SBClientDownload.DownloadRequestNetworkDuration",
                         base::TimeTicks::Now() - request_start_time_);
 
-    FinishRequest(result, reason);
+    FinishRequest(result, reason, token);
   }
 
   static bool IsSupportedDownload(const content::DownloadItem& item,
                                   const base::FilePath& target_path,
                                   DownloadCheckResultReason* reason,
                                   ClientDownloadRequest::DownloadType* type) {
     if (item.GetUrlChain().empty()) {
       *reason = REASON_EMPTY_URL_CHAIN;
       return false;
     }
@@ skipping 416 matching lines @@
         item_->GetTargetFilePath().BaseName().AsUTF8Unsafe());
     request.set_download_type(type_);
     if (archive_is_valid_ != ArchiveValid::UNSET)
       request.set_archive_valid(archive_is_valid_ == ArchiveValid::VALID);
     request.mutable_signature()->CopyFrom(signature_info_);
     if (image_headers_)
       request.set_allocated_image_headers(image_headers_.release());
     if (archived_executable_)
       request.mutable_archived_binary()->Swap(&archived_binary_);
     if (!request.SerializeToString(&client_download_request_data_)) {
-      FinishRequest(UNKNOWN, REASON_INVALID_REQUEST_PROTO);
+      FinishRequest(UNKNOWN, REASON_INVALID_REQUEST_PROTO, base::EmptyString());
       return;
     }
 
     // User can manually blacklist a sha256 via flag, for testing.
     // This is checked just before the request is sent, to verify the request
     // would have been sent.  This emmulates the server returning a DANGEROUS
     // verdict as closely as possible.
     if (IsDownloadManuallyBlacklisted(request)) {
       DVLOG(1) << "Download verdict overridden to DANGEROUS by flag.";
       PostFinishTask(DANGEROUS, REASON_MANUAL_BLACKLIST);
@@ skipping 18 matching lines @@
                          client_download_request_data_.size());
     fetcher_->Start();
   }
 
   void PostFinishTask(DownloadCheckResult result,
                       DownloadCheckResultReason reason) {
     BrowserThread::PostTask(
         BrowserThread::UI,
         FROM_HERE,
         base::Bind(&CheckClientDownloadRequest::FinishRequest, this, result,
-                   reason));
+                   reason, base::EmptyString()));
   }
 
   void FinishRequest(DownloadCheckResult result,
-                     DownloadCheckResultReason reason) {
+                     DownloadCheckResultReason reason,
+                     const std::string& token) {
     DCHECK_CURRENTLY_ON(BrowserThread::UI);
     if (finished_) {
       return;
     }
     finished_ = true;
 
     // Ensure the timeout task is cancelled while we still have a non-zero
     // refcount. (crbug.com/240449)
     weakptr_factory_.InvalidateWeakPtrs();
     if (!request_start_time_.is_null()) {
@@ skipping 10 matching lines @@
                             base::TimeTicks::Now() - timeout_start_time_);
       }
     }
     if (service_) {
       DVLOG(2) << "SafeBrowsing download verdict for: "
                << item_->DebugString(true) << " verdict:" << reason
                << " result:" << result;
       UMA_HISTOGRAM_ENUMERATION("SBClientDownload.CheckDownloadStats",
                                 reason,
                                 REASON_MAX);
-      callback_.Run(result);
+      callback_.Run(result, token);
       item_->RemoveObserver(this);
       item_ = NULL;
       DownloadProtectionService* service = service_;
       service_ = NULL;
       service->RequestFinished(this);
       // DownloadProtectionService::RequestFinished will decrement our refcount,
       // so we may be deleted now.
     } else {
-      callback_.Run(UNKNOWN);
+      callback_.Run(UNKNOWN, base::EmptyString());
     }
   }
 
   bool CertificateChainIsWhitelisted(
       const ClientDownloadRequest_CertificateChain& chain) {
     DCHECK_CURRENTLY_ON(BrowserThread::IO);
     if (chain.element_size() < 2) {
       // We need to have both a signing certificate and its issuer certificate
       // present to construct a whitelist entry.
       return false;
@@ skipping 45 matching lines @@
   GURL tab_url_;
   GURL tab_referrer_url_;
 
   bool archived_executable_;
   ArchiveValid archive_is_valid_;
 
   ClientDownloadRequest_SignatureInfo signature_info_;
   std::unique_ptr<ClientDownloadRequest_ImageHeaders> image_headers_;
   google::protobuf::RepeatedPtrField<ClientDownloadRequest_ArchivedBinary>
       archived_binary_;
-  CheckDownloadCallback callback_;
+  CheckDownloadContentCallback callback_;
   // Will be NULL if the request has been canceled.
   DownloadProtectionService* service_;
   scoped_refptr<BinaryFeatureExtractor> binary_feature_extractor_;
   scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
   const bool pingback_enabled_;
   std::unique_ptr<net::URLFetcher> fetcher_;
   scoped_refptr<SandboxedZipAnalyzer> analyzer_;
   base::TimeTicks zip_analysis_start_time_;
 #if defined(OS_MACOSX)
   scoped_refptr<SandboxedDMGAnalyzer> dmg_analyzer_;
@@ skipping 42 matching lines @@
     REQUEST_MALFORMED,
     FETCH_FAILED,
     RESPONSE_MALFORMED,
     SUCCEEDED
   };
 
   PPAPIDownloadRequest(
       const GURL& requestor_url,
       const base::FilePath& default_file_path,
       const std::vector<base::FilePath::StringType>& alternate_extensions,
-      const CheckDownloadCallback& callback,
+      const CheckDownloadContentCallback& callback,
       DownloadProtectionService* service,
       scoped_refptr<SafeBrowsingDatabaseManager> database_manager)
       : requestor_url_(requestor_url),
         default_file_path_(default_file_path),
         alternate_extensions_(alternate_extensions),
         callback_(callback),
         service_(service),
         database_manager_(database_manager),
         start_time_(base::TimeTicks::Now()),
         supported_path_(
             GetSupportedFilePath(default_file_path, alternate_extensions)),
         weakptr_factory_(this) {}
 
   ~PPAPIDownloadRequest() override {
     if (fetcher_ && !callback_.is_null())
-      Finish(RequestOutcome::REQUEST_DESTROYED, UNKNOWN);
+      Finish(RequestOutcome::REQUEST_DESTROYED, UNKNOWN, base::EmptyString());
   }
 
   // Start the process of checking the download request. The callback passed as
   // the |callback| parameter to the constructor will be invoked with the result
   // of the check at some point in the future.
   //
   // From the this point on, the code is arranged to follow the most common
   // workflow.
   //
   // Note that |this| should be added to the list of pending requests in the
   // associated DownloadProtectionService object *before* calling Start().
   // Otherwise a synchronous Finish() call may result in leaking the
   // PPAPIDownloadRequest object. This is enforced via a DCHECK in
   // DownloadProtectionService.
   void Start() {
     DVLOG(2) << "Starting SafeBrowsing download check for PPAPI download from "
              << requestor_url_ << " for [" << default_file_path_.value() << "] "
              << "supported path is [" << supported_path_.value() << "]";
 
     if (supported_path_.empty()) {
       // Neither the default_file_path_ nor any path resulting of trying out
       // |alternate_extensions_| are supported by SafeBrowsing.
-      Finish(RequestOutcome::UNSUPPORTED_FILE_TYPE, SAFE);
+      Finish(RequestOutcome::UNSUPPORTED_FILE_TYPE, SAFE, base::EmptyString());
       return;
     }
 
     // In case the request take too long, the check will abort with an UNKNOWN
     // verdict. The weak pointer used for the timeout will be invalidated (and
     // hence would prevent the timeout) if the check completes on time and
     // execution reaches Finish().
     BrowserThread::PostDelayedTask(
         BrowserThread::UI, FROM_HERE,
         base::Bind(&PPAPIDownloadRequest::OnRequestTimedOut,
@@ skipping 24 matching lines @@
         BrowserThread::UI, FROM_HERE,
         base::Bind(&PPAPIDownloadRequest::WhitelistCheckComplete,
                    download_request, url_was_whitelisted));
   }
 
   void WhitelistCheckComplete(bool was_on_whitelist) {
     DVLOG(2) << __FUNCTION__ << " was_on_whitelist:" << was_on_whitelist;
     if (was_on_whitelist) {
       // TODO(asanka): Should sample whitelisted downloads based on
       // service_->whitelist_sample_rate(). http://crbug.com/610924
-      Finish(RequestOutcome::WHITELIST_HIT, SAFE);
+      Finish(RequestOutcome::WHITELIST_HIT, SAFE, base::EmptyString());
       return;
     }
 
     // Not on whitelist, so we are going to check with the SafeBrowsing
     // backend.
     SendRequest();
   }
 
   void SendRequest() {
     DVLOG(2) << __FUNCTION__;
@@ skipping 16 matching lines @@
           base::FilePath(alternate_extension).AsUTF8Unsafe();
     }
     if (supported_path_ != default_file_path_) {
       *(request.add_alternate_extensions()) =
           base::FilePath(default_file_path_.FinalExtension()).AsUTF8Unsafe();
     }
 
     if (!request.SerializeToString(&client_download_request_data_)) {
       // More of an internal error than anything else. Note that the UNKNOWN
       // verdict gets interpreted as "allowed".
-      Finish(RequestOutcome::REQUEST_MALFORMED, UNKNOWN);
+      Finish(RequestOutcome::REQUEST_MALFORMED, UNKNOWN, base::EmptyString());
       return;
     }
 
     fetcher_ = net::URLFetcher::Create(0, GetDownloadRequestUrl(),
                                        net::URLFetcher::POST, this);
     fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
     fetcher_->SetAutomaticallyRetryOn5xx(false);
     fetcher_->SetRequestContext(service_->request_context_getter_.get());
     fetcher_->SetUploadData("application/octet-stream",
                             client_download_request_data_);
     fetcher_->Start();
   }
 
   // net::URLFetcherDelegate
   void OnURLFetchComplete(const net::URLFetcher* source) override {
     DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
     if (!source->GetStatus().is_success() ||
         net::HTTP_OK != source->GetResponseCode()) {
-      Finish(RequestOutcome::FETCH_FAILED, UNKNOWN);
+      Finish(RequestOutcome::FETCH_FAILED, UNKNOWN, base::EmptyString());
       return;
     }
 
     ClientDownloadResponse response;
     std::string response_body;
+    std::string token;
     bool got_data = source->GetResponseAsString(&response_body);
     DCHECK(got_data);
 
     if (response.ParseFromString(response_body)) {
+      token = response.has_token() ? response.token() : base::EmptyString();
       Finish(RequestOutcome::SUCCEEDED,
-             DownloadCheckResultFromClientDownloadResponse(response.verdict()));
+             DownloadCheckResultFromClientDownloadResponse(response.verdict()),
+             token);
     } else {
-      Finish(RequestOutcome::RESPONSE_MALFORMED, UNKNOWN);
+      Finish(RequestOutcome::RESPONSE_MALFORMED, UNKNOWN, base::EmptyString());
     }
   }
 
   void OnRequestTimedOut() {
     DCHECK_CURRENTLY_ON(BrowserThread::UI);
     DVLOG(2) << __FUNCTION__;
-    Finish(RequestOutcome::TIMEDOUT, UNKNOWN);
+    Finish(RequestOutcome::TIMEDOUT, UNKNOWN, base::EmptyString());
   }
 
-  void Finish(RequestOutcome reason, DownloadCheckResult response) {
+  void Finish(RequestOutcome reason,
+              DownloadCheckResult response,
+              const std::string& token) {
     DCHECK_CURRENTLY_ON(BrowserThread::UI);
     DVLOG(2) << __FUNCTION__ << " response: " << response;
     UMA_HISTOGRAM_SPARSE_SLOWLY(
         "SBClientDownload.PPAPIDownloadRequest.RequestOutcome",
         static_cast<int>(reason));
     UMA_HISTOGRAM_SPARSE_SLOWLY("SBClientDownload.PPAPIDownloadRequest.Result",
                                 response);
     UMA_HISTOGRAM_TIMES("SBClientDownload.PPAPIDownloadRequest.RequestDuration",
                         start_time_ - base::TimeTicks::Now());
     if (!callback_.is_null())
-      base::ResetAndReturn(&callback_).Run(response);
+      base::ResetAndReturn(&callback_).Run(response, token);
     fetcher_.reset();
     weakptr_factory_.InvalidateWeakPtrs();
     service_->PPAPIDownloadCheckRequestFinished(this);
     // |this| is deleted.
   }
 
   static DownloadCheckResult DownloadCheckResultFromClientDownloadResponse(
       ClientDownloadResponse::Verdict verdict) {
     switch (verdict) {
       case ClientDownloadResponse::SAFE:
@@ skipping 39 matching lines @@
   const GURL requestor_url_;
 
   // Default download path requested by the PPAPI plugin.
   const base::FilePath default_file_path_;
 
   // List of alternate extensions provided by the PPAPI plugin. Each extension
   // must begin with a leading extension separator.
   const std::vector<base::FilePath::StringType> alternate_extensions_;
 
   // Callback to invoke with the result of the PPAPI download request check.
-  CheckDownloadCallback callback_;
+  CheckDownloadContentCallback callback_;
 
   DownloadProtectionService* service_;
   const scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
 
   // Time request was started.
   const base::TimeTicks start_time_;
 
   // A download path that is supported by SafeBrowsing. This is determined by
   // invoking GetSupportedFilePath(). If non-empty,
   // safe_browsing::IsSupportedBinaryFile(supported_path_) is always true. This
@@ skipping 60 matching lines @@
   }
 }
 
 bool DownloadProtectionService::IsHashManuallyBlacklisted(
     const std::string& sha256_hash) const  {
   return manual_blacklist_hashes_.count(sha256_hash) > 0;
 }
 
 void DownloadProtectionService::CheckClientDownload(
     content::DownloadItem* item,
-    const CheckDownloadCallback& callback) {
+    const CheckDownloadContentCallback& callback) {
   scoped_refptr<CheckClientDownloadRequest> request(
       new CheckClientDownloadRequest(item, callback, this,
                                      database_manager_,
                                      binary_feature_extractor_.get()));
   download_requests_.insert(request);
   request->Start();
 }
 
 void DownloadProtectionService::CheckDownloadUrl(
     const content::DownloadItem& item,
@@ skipping 16 matching lines @@
       ClientDownloadRequest::WIN_EXECUTABLE;
   return (CheckClientDownloadRequest::IsSupportedDownload(
               item, target_path, &reason, &type) &&
           (ClientDownloadRequest::CHROME_EXTENSION != type));
 }
 
 void DownloadProtectionService::CheckPPAPIDownloadRequest(
     const GURL& requestor_url,
     const base::FilePath& default_file_path,
     const std::vector<base::FilePath::StringType>& alternate_extensions,
-    const CheckDownloadCallback& callback) {
+    const CheckDownloadContentCallback& callback) {
   DVLOG(1) << __FUNCTION__ << " url:" << requestor_url
            << " default_file_path:" << default_file_path.value();
   std::unique_ptr<PPAPIDownloadRequest> request(new PPAPIDownloadRequest(
       requestor_url, default_file_path, alternate_extensions, callback, this,
       database_manager_));
   PPAPIDownloadRequest* request_copy = request.get();
   auto insertion_result = ppapi_download_requests_.insert(
       std::make_pair(request_copy, std::move(request)));
   DCHECK(insertion_result.second);
   insertion_result.first->second->Start();
@@ skipping 132 matching lines @@
 GURL DownloadProtectionService::GetDownloadRequestUrl() {
   GURL url(kDownloadRequestUrl);
   std::string api_key = google_apis::GetAPIKey();
   if (!api_key.empty())
     url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true));
 
   return url;
 }
 
 }  // namespace safe_browsing