OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/proxy/proxy_service.h" | 5 #include "net/proxy/proxy_service.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <cmath> | 8 #include <cmath> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
(...skipping 329 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
340 ~UnsetProxyConfigService() override {} | 340 ~UnsetProxyConfigService() override {} |
341 | 341 |
342 void AddObserver(Observer* observer) override {} | 342 void AddObserver(Observer* observer) override {} |
343 void RemoveObserver(Observer* observer) override {} | 343 void RemoveObserver(Observer* observer) override {} |
344 ConfigAvailability GetLatestProxyConfig(ProxyConfig* config) override { | 344 ConfigAvailability GetLatestProxyConfig(ProxyConfig* config) override { |
345 return CONFIG_UNSET; | 345 return CONFIG_UNSET; |
346 } | 346 } |
347 }; | 347 }; |
348 #endif | 348 #endif |
349 | 349 |
| 350 // Returns a sanitized copy of |url| which is safe to pass on to a PAC script. |
| 351 // The method for sanitizing is determined by |policy|. See the comments for |
| 352 // that enum for details. |
| 353 GURL SanitizeUrl(const GURL& url, ProxyService::SanitizeUrlPolicy policy) { |
| 354 DCHECK(url.is_valid()); |
| 355 |
| 356 GURL::Replacements replacements; |
| 357 replacements.ClearUsername(); |
| 358 replacements.ClearPassword(); |
| 359 replacements.ClearRef(); |
| 360 |
| 361 if (policy == ProxyService::SanitizeUrlPolicy::SAFE && |
| 362 url.SchemeIsCryptographic()) { |
| 363 replacements.ClearPath(); |
| 364 replacements.ClearQuery(); |
| 365 } |
| 366 |
| 367 return url.ReplaceComponents(replacements); |
| 368 } |
| 369 |
350 } // namespace | 370 } // namespace |
351 | 371 |
352 // ProxyService::InitProxyResolver -------------------------------------------- | 372 // ProxyService::InitProxyResolver -------------------------------------------- |
353 | 373 |
354 // This glues together two asynchronous steps: | 374 // This glues together two asynchronous steps: |
355 // (1) ProxyScriptDecider -- try to fetch/validate a sequence of PAC scripts | 375 // (1) ProxyScriptDecider -- try to fetch/validate a sequence of PAC scripts |
356 // to figure out what we should configure against. | 376 // to figure out what we should configure against. |
357 // (2) Feed the fetched PAC script into the ProxyResolver. | 377 // (2) Feed the fetched PAC script into the ProxyResolver. |
358 // | 378 // |
359 // InitProxyResolver is a single-use class which encapsulates cancellation as | 379 // InitProxyResolver is a single-use class which encapsulates cancellation as |
(...skipping 570 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
930 ProxyService::ProxyService( | 950 ProxyService::ProxyService( |
931 std::unique_ptr<ProxyConfigService> config_service, | 951 std::unique_ptr<ProxyConfigService> config_service, |
932 std::unique_ptr<ProxyResolverFactory> resolver_factory, | 952 std::unique_ptr<ProxyResolverFactory> resolver_factory, |
933 NetLog* net_log) | 953 NetLog* net_log) |
934 : resolver_factory_(std::move(resolver_factory)), | 954 : resolver_factory_(std::move(resolver_factory)), |
935 next_config_id_(1), | 955 next_config_id_(1), |
936 current_state_(STATE_NONE), | 956 current_state_(STATE_NONE), |
937 net_log_(net_log), | 957 net_log_(net_log), |
938 stall_proxy_auto_config_delay_( | 958 stall_proxy_auto_config_delay_( |
939 TimeDelta::FromMilliseconds(kDelayAfterNetworkChangesMs)), | 959 TimeDelta::FromMilliseconds(kDelayAfterNetworkChangesMs)), |
940 quick_check_enabled_(true) { | 960 quick_check_enabled_(true), |
| 961 sanitize_url_policy_(SanitizeUrlPolicy::SAFE) { |
941 NetworkChangeNotifier::AddIPAddressObserver(this); | 962 NetworkChangeNotifier::AddIPAddressObserver(this); |
942 NetworkChangeNotifier::AddDNSObserver(this); | 963 NetworkChangeNotifier::AddDNSObserver(this); |
943 ResetConfigService(std::move(config_service)); | 964 ResetConfigService(std::move(config_service)); |
944 } | 965 } |
945 | 966 |
946 // static | 967 // static |
947 std::unique_ptr<ProxyService> ProxyService::CreateUsingSystemProxyResolver( | 968 std::unique_ptr<ProxyService> ProxyService::CreateUsingSystemProxyResolver( |
948 std::unique_ptr<ProxyConfigService> proxy_config_service, | 969 std::unique_ptr<ProxyConfigService> proxy_config_service, |
949 size_t num_pac_threads, | 970 size_t num_pac_threads, |
950 NetLog* net_log) { | 971 NetLog* net_log) { |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1043 | 1064 |
1044 // Notify our polling-based dependencies that a resolve is taking place. | 1065 // Notify our polling-based dependencies that a resolve is taking place. |
1045 // This way they can schedule their polls in response to network activity. | 1066 // This way they can schedule their polls in response to network activity. |
1046 config_service_->OnLazyPoll(); | 1067 config_service_->OnLazyPoll(); |
1047 if (script_poller_.get()) | 1068 if (script_poller_.get()) |
1048 script_poller_->OnLazyPoll(); | 1069 script_poller_->OnLazyPoll(); |
1049 | 1070 |
1050 if (current_state_ == STATE_NONE) | 1071 if (current_state_ == STATE_NONE) |
1051 ApplyProxyConfigIfAvailable(); | 1072 ApplyProxyConfigIfAvailable(); |
1052 | 1073 |
1053 // Strip away any reference fragments and the username/password, as they | 1074 // Sanitize the URL before passing it on to the proxy resolver (i.e. PAC |
1054 // are not relevant to proxy resolution. | 1075 // script). The goal is to remove sensitive data (like embedded user names |
1055 GURL url = SimplifyUrlForRequest(raw_url); | 1076 // and password), and local data (i.e. reference fragment) which does not need |
| 1077 // to be disclosed to the resolver. |
| 1078 GURL url = SanitizeUrl(raw_url, sanitize_url_policy_); |
1056 | 1079 |
1057 // Check if the request can be completed right away. (This is the case when | 1080 // Check if the request can be completed right away. (This is the case when |
1058 // using a direct connection for example). | 1081 // using a direct connection for example). |
1059 int rv = TryToCompleteSynchronously(url, load_flags, proxy_delegate, result); | 1082 int rv = TryToCompleteSynchronously(url, load_flags, proxy_delegate, result); |
1060 if (rv != ERR_IO_PENDING) { | 1083 if (rv != ERR_IO_PENDING) { |
1061 rv = DidFinishResolvingProxy( | 1084 rv = DidFinishResolvingProxy( |
1062 url, method, load_flags, proxy_delegate, result, rv, net_log, | 1085 url, method, load_flags, proxy_delegate, result, rv, net_log, |
1063 callback.is_null() ? TimeTicks() : TimeTicks::Now(), false); | 1086 callback.is_null() ? TimeTicks() : TimeTicks::Now(), false); |
1064 return rv; | 1087 return rv; |
1065 } | 1088 } |
(...skipping 589 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1655 State previous_state = ResetProxyConfig(false); | 1678 State previous_state = ResetProxyConfig(false); |
1656 if (previous_state != STATE_NONE) | 1679 if (previous_state != STATE_NONE) |
1657 ApplyProxyConfigIfAvailable(); | 1680 ApplyProxyConfigIfAvailable(); |
1658 } | 1681 } |
1659 | 1682 |
1660 void ProxyService::OnDNSChanged() { | 1683 void ProxyService::OnDNSChanged() { |
1661 OnIPAddressChanged(); | 1684 OnIPAddressChanged(); |
1662 } | 1685 } |
1663 | 1686 |
1664 } // namespace net | 1687 } // namespace net |
OLD | NEW |