Index: content/browser/browsing_data/clear_site_data_throttle.cc |
diff --git a/content/browser/browsing_data/clear_site_data_throttle.cc b/content/browser/browsing_data/clear_site_data_throttle.cc |
index 9799e1c7a06cd8c6a5ab2d1a59d2472a7f47c40e..bdc32ae9888c2bb6d9f18f0faf9f41c55cd3ea8a 100644 |
--- a/content/browser/browsing_data/clear_site_data_throttle.cc |
+++ b/content/browser/browsing_data/clear_site_data_throttle.cc |
@@ -12,15 +12,20 @@ |
#include "base/strings/string_util.h" |
#include "base/strings/stringprintf.h" |
#include "base/values.h" |
-#include "content/browser/frame_host/navigation_handle_impl.h" |
+#include "content/browser/service_worker/service_worker_response_info.h" |
#include "content/public/browser/browser_context.h" |
-#include "content/public/browser/content_browser_client.h" |
-#include "content/public/browser/navigation_handle.h" |
+#include "content/public/browser/browser_thread.h" |
+#include "content/public/browser/browsing_data_filter_builder.h" |
+#include "content/public/browser/browsing_data_remover.h" |
+#include "content/public/browser/render_frame_host.h" |
#include "content/public/browser/web_contents.h" |
-#include "content/public/common/content_client.h" |
#include "content/public/common/content_switches.h" |
#include "content/public/common/origin_util.h" |
+#include "content/public/common/resource_response_info.h" |
+#include "net/base/load_flags.h" |
+#include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
#include "net/http/http_response_headers.h" |
+#include "net/url_request/redirect_info.h" |
#include "url/gurl.h" |
#include "url/origin.h" |
@@ -28,6 +33,8 @@ namespace content { |
namespace { |
+static const char* kNameForLogging = "ClearSiteDataThrottle"; |
+ |
static const char* kClearSiteDataHeader = "Clear-Site-Data"; |
static const char* kTypesKey = "types"; |
@@ -38,14 +45,6 @@ static const char* kClearingOneType = "Clearing %s."; |
static const char* kClearingTwoTypes = "Clearing %s and %s."; |
static const char* kClearingThreeTypes = "Clearing %s, %s, and %s."; |
-// Console logging. Adds a |text| message with |level| to |messages|. |
-void ConsoleLog(std::vector<ClearSiteDataThrottle::ConsoleMessage>* messages, |
- const GURL& url, |
- const std::string& text, |
- ConsoleMessageLevel level) { |
- messages->push_back({url, text, level}); |
-} |
- |
bool AreExperimentalFeaturesEnabled() { |
return base::CommandLine::ForCurrentProcess()->HasSwitch( |
switches::kEnableExperimentalWebPlatformFeatures); |
@@ -58,34 +57,146 @@ int ParametersMask(bool clear_cookies, bool clear_storage, bool clear_cache) { |
static_cast<int>(clear_cache) * (1 << 2); |
} |
-} // namespace |
+// A helper function to pass an IO thread callback to a method called on |
+// the UI thread. |
+void JumpFromUIToIOThread(const base::Closure& callback) { |
+ DCHECK_CURRENTLY_ON(BrowserThread::UI); |
+ BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, callback); |
+} |
-// static |
-std::unique_ptr<NavigationThrottle> |
-ClearSiteDataThrottle::CreateThrottleForNavigation(NavigationHandle* handle) { |
- if (AreExperimentalFeaturesEnabled()) |
- return base::WrapUnique(new ClearSiteDataThrottle(handle)); |
+// A BrowsingDataRemover::Observer that waits for |count| |
+// OnBrowsingDataRemoverDone() callbacks, translates them into |
+// one base::Closure, and then destroys itself. |
+class ClearSiteDataObserver : public BrowsingDataRemover::Observer { |
+ public: |
+ explicit ClearSiteDataObserver(BrowsingDataRemover* remover, |
+ const base::Closure& callback, |
+ int count) |
+ : remover_(remover), callback_(callback), count_(count) { |
+ remover_->AddObserver(this); |
+ } |
+ |
+ ~ClearSiteDataObserver() override { remover_->RemoveObserver(this); } |
- return std::unique_ptr<NavigationThrottle>(); |
+ // BrowsingDataRemover::Observer. |
+ void OnBrowsingDataRemoverDone() override { |
+ DCHECK(count_); |
+ if (--count_) |
+ return; |
+ |
+ JumpFromUIToIOThread(callback_); |
+ delete this; |
+ } |
+ |
+ private: |
+ BrowsingDataRemover* remover_; |
+ base::Closure callback_; |
+ int count_; |
+}; |
+ |
+// Finds the BrowserContext associated with the request and requests |
+// the actual clearing of data for |origin|. The datatypes to be deleted |
+// are determined by |clear_cookies|, |clear_storage|, and |clear_cache|. |
+// |web_contents_getter| identifies the WebContents from which the request |
+// originated. Must be run on the UI thread. The |callback| will be executed |
+// on the IO thread. |
+void ClearSiteDataOnUIThread( |
+ const ResourceRequestInfo::WebContentsGetter& web_contents_getter, |
+ url::Origin origin, |
+ bool clear_cookies, |
+ bool clear_storage, |
+ bool clear_cache, |
+ const base::Closure& callback) { |
+ DCHECK_CURRENTLY_ON(BrowserThread::UI); |
+ |
+ WebContents* web_contents = web_contents_getter.Run(); |
+ if (!web_contents) |
+ return; |
+ |
+ BrowsingDataRemover* remover = |
+ BrowserContext::GetBrowsingDataRemover(web_contents->GetBrowserContext()); |
+ |
+ // ClearSiteDataObserver deletes itself when callbacks from both removal |
+ // tasks are received. |
+ ClearSiteDataObserver* observer = |
+ new ClearSiteDataObserver(remover, callback, 2 /* number of tasks */); |
+ |
+ // Cookies and channel IDs are scoped to |
+ // a) eTLD+1 of |origin|'s host if |origin|'s host is a registrable domain |
+ // or a subdomain thereof |
+ // b) |origin|'s host exactly if it is an IP address or an internal hostname |
+ // (e.g. "localhost" or "fileserver"). |
+ // TODO(msramek): What about plugin data? |
+ if (clear_cookies) { |
+ std::string domain = GetDomainAndRegistry( |
+ origin.host(), |
+ net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES); |
+ |
+ if (domain.empty()) |
+ domain = origin.host(); // IP address or internal hostname. |
+ |
+ std::unique_ptr<BrowsingDataFilterBuilder> domain_filter_builder( |
+ BrowsingDataFilterBuilder::Create( |
+ BrowsingDataFilterBuilder::WHITELIST)); |
+ domain_filter_builder->AddRegisterableDomain(domain); |
+ |
+ remover->RemoveWithFilterAndReply( |
+ base::Time(), base::Time::Max(), |
+ BrowsingDataRemover::DATA_TYPE_COOKIES | |
+ BrowsingDataRemover::DATA_TYPE_CHANNEL_IDS, |
+ BrowsingDataRemover::ORIGIN_TYPE_UNPROTECTED_WEB | |
+ BrowsingDataRemover::ORIGIN_TYPE_PROTECTED_WEB, |
+ std::move(domain_filter_builder), observer); |
+ } else { |
+ // The first removal task is a no-op. |
+ observer->OnBrowsingDataRemoverDone(); |
+ } |
+ |
+ // Delete origin-scoped data. |
+ int remove_mask = 0; |
+ if (clear_storage) |
+ remove_mask |= BrowsingDataRemover::DATA_TYPE_DOM_STORAGE; |
+ if (clear_cache) |
+ remove_mask |= BrowsingDataRemover::DATA_TYPE_CACHE; |
+ |
+ if (remove_mask) { |
+ std::unique_ptr<BrowsingDataFilterBuilder> origin_filter_builder( |
+ BrowsingDataFilterBuilder::Create( |
+ BrowsingDataFilterBuilder::WHITELIST)); |
+ origin_filter_builder->AddOrigin(origin); |
+ |
+ remover->RemoveWithFilterAndReply( |
+ base::Time(), base::Time::Max(), remove_mask, |
+ BrowsingDataRemover::ORIGIN_TYPE_UNPROTECTED_WEB | |
+ BrowsingDataRemover::ORIGIN_TYPE_PROTECTED_WEB, |
+ std::move(origin_filter_builder), observer); |
+ } else { |
+ // The second removal task is a no-op. |
+ observer->OnBrowsingDataRemoverDone(); |
+ } |
} |
-ClearSiteDataThrottle::ClearSiteDataThrottle( |
- NavigationHandle* navigation_handle) |
- : NavigationThrottle(navigation_handle), |
- clearing_in_progress_(false), |
- weak_ptr_factory_(this) {} |
+// Outputs |messages| to the console of WebContents retrieved from |
+// |web_contents_getter|. Must be run on the UI thread. |
+void OutputMessagesOnUIThread( |
+ const ResourceRequestInfo::WebContentsGetter& web_contents_getter, |
+ const std::vector<ClearSiteDataThrottle::ConsoleMessagesDelegate::Message>& |
+ messages) { |
+ DCHECK_CURRENTLY_ON(BrowserThread::UI); |
-ClearSiteDataThrottle::~ClearSiteDataThrottle() { |
- // At the end of the navigation we finally have access to the correct |
- // RenderFrameHost. Output the cached console messages. Prefix each sequence |
- // of messages belonging to the same URL with |kConsoleMessagePrefix|. |
+ WebContents* web_contents = web_contents_getter.Run(); |
+ if (!web_contents) |
+ return; |
+ |
+ // Prefix each sequence of messages belonging to the same URL with |
+ // |kConsoleMessagePrefix|. |
GURL last_seen_url; |
- for (const ConsoleMessage& message : messages_) { |
+ for (const auto& message : messages) { |
if (message.url == last_seen_url) { |
- navigation_handle()->GetRenderFrameHost()->AddMessageToConsole( |
- message.level, message.text); |
+ web_contents->GetMainFrame()->AddMessageToConsole(message.level, |
+ message.text); |
} else { |
- navigation_handle()->GetRenderFrameHost()->AddMessageToConsole( |
+ web_contents->GetMainFrame()->AddMessageToConsole( |
message.level, |
base::StringPrintf(kConsoleMessagePrefix, message.url.spec().c_str(), |
message.text.c_str())); |
@@ -95,101 +206,193 @@ ClearSiteDataThrottle::~ClearSiteDataThrottle() { |
} |
} |
-ClearSiteDataThrottle::ThrottleCheckResult |
-ClearSiteDataThrottle::WillStartRequest() { |
- current_url_ = navigation_handle()->GetURL(); |
- return PROCEED; |
+} // namespace |
+ |
+//////////////////////////////////////////////////////////////////////////////// |
+// ConsoleMessagesDelegate |
+ |
+ClearSiteDataThrottle::ConsoleMessagesDelegate::ConsoleMessagesDelegate() {} |
+ |
+ClearSiteDataThrottle::ConsoleMessagesDelegate::~ConsoleMessagesDelegate() {} |
+ |
+void ClearSiteDataThrottle::ConsoleMessagesDelegate::AddMessage( |
+ const GURL& url, |
+ const std::string& text, |
+ ConsoleMessageLevel level) { |
+ messages_.push_back({url, text, level}); |
} |
-ClearSiteDataThrottle::ThrottleCheckResult |
-ClearSiteDataThrottle::WillRedirectRequest() { |
- // We are processing a redirect from url1 to url2. GetResponseHeaders() |
- // contains headers from url1, but GetURL() is already equal to url2. Handle |
- // the headers before updating the URL, so that |current_url_| corresponds |
- // to the URL that sent the headers. |
- HandleHeader(); |
- current_url_ = navigation_handle()->GetURL(); |
+void ClearSiteDataThrottle::ConsoleMessagesDelegate::OutputMessages( |
+ const ResourceRequestInfo::WebContentsGetter& web_contents_getter) { |
+ if (messages_.empty()) |
+ return; |
+ |
+ DCHECK_CURRENTLY_ON(BrowserThread::IO); |
+ BrowserThread::PostTask( |
+ BrowserThread::UI, FROM_HERE, |
+ base::Bind(&OutputMessagesOnUIThread, web_contents_getter, |
+ std::move(messages_))); |
- return clearing_in_progress_ ? DEFER : PROCEED; |
+ messages_.clear(); |
} |
-ClearSiteDataThrottle::ThrottleCheckResult |
-ClearSiteDataThrottle::WillProcessResponse() { |
- HandleHeader(); |
- return clearing_in_progress_ ? DEFER : PROCEED; |
+//////////////////////////////////////////////////////////////////////////////// |
+// ClearSiteDataThrottle |
+ |
+// static |
+std::unique_ptr<ResourceThrottle> |
+ClearSiteDataThrottle::CreateThrottleForRequest(net::URLRequest* request) { |
+ // This is an experimental feature. |
+ if (!AreExperimentalFeaturesEnabled()) |
+ return std::unique_ptr<ResourceThrottle>(); |
+ |
+ // The throttle has no purpose if the request has no ResourceRequestInfo, |
+ // because we won't be able to determine whose data should be deleted. |
+ if (!ResourceRequestInfo::ForRequest(request)) |
+ return std::unique_ptr<ResourceThrottle>(); |
+ |
+ return base::WrapUnique(new ClearSiteDataThrottle( |
+ request, base::MakeUnique<ConsoleMessagesDelegate>())); |
} |
-const char* ClearSiteDataThrottle::GetNameForLogging() { |
- return "ClearSiteDataThrottle"; |
+ClearSiteDataThrottle::ClearSiteDataThrottle( |
+ net::URLRequest* request, |
+ std::unique_ptr<ConsoleMessagesDelegate> delegate) |
+ : request_(request), |
+ delegate_(std::move(delegate)), |
+ weak_ptr_factory_(this) { |
+ DCHECK(request_); |
+ DCHECK(delegate_); |
} |
-void ClearSiteDataThrottle::HandleHeader() { |
- NavigationHandleImpl* handle = |
- static_cast<NavigationHandleImpl*>(navigation_handle()); |
- const net::HttpResponseHeaders* headers = handle->GetResponseHeaders(); |
+ClearSiteDataThrottle::~ClearSiteDataThrottle() { |
+ // Output the cached console messages. We output console messages when the |
+ // request is finished rather than in real time, since in case of navigations |
+ // swapping RenderFrameHost would cause the outputs to disappear. |
+ const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request_); |
+ if (info) |
+ delegate_->OutputMessages(info->GetWebContentsGetterForRequest()); |
+} |
- if (!headers || !headers->HasHeader(kClearSiteDataHeader)) |
- return; |
+void ClearSiteDataThrottle::WillRedirectRequest( |
+ const net::RedirectInfo& redirect_info, |
+ bool* defer) { |
+ *defer = HandleHeader(); |
+} |
- // Only accept the header on secure origins. |
- if (!IsOriginSecure(current_url_)) { |
- ConsoleLog(&messages_, current_url_, "Not supported for insecure origins.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
- return; |
- } |
+void ClearSiteDataThrottle::WillProcessResponse(bool* defer) { |
+ *defer = HandleHeader(); |
+} |
+ |
+const char* ClearSiteDataThrottle::GetNameForLogging() const { |
+ return kNameForLogging; |
+} |
+ |
+bool ClearSiteDataThrottle::HandleHeader() { |
+ const net::HttpResponseHeaders* headers = GetResponseHeaders(); |
std::string header_value; |
- headers->GetNormalizedHeader(kClearSiteDataHeader, &header_value); |
+ if (!headers || |
+ !headers->GetNormalizedHeader(kClearSiteDataHeader, &header_value)) { |
+ return false; |
+ } |
+ |
+ // Only accept the header on secure non-unique origins. |
+ if (!IsOriginSecure(request_->url())) { |
+ delegate_->AddMessage(request_->url(), |
+ "Not supported for insecure origins.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
+ return false; |
+ } |
+ |
+ url::Origin origin(request_->url()); |
+ if (origin.unique()) { |
+ delegate_->AddMessage(request_->url(), "Not supported for unique origins.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
+ return false; |
+ } |
+ |
+ // The LOAD_DO_NOT_SAVE_COOKIES flag prohibits the request from doing any |
+ // modification to cookies. Clear-Site-Data applies this restriction to other |
+ // datatypes as well. |
+ if (request_->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES) { |
+ delegate_->AddMessage( |
+ request_->url(), |
+ "The request's credentials mode prohibits modifying cookies " |
+ "and other local data.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
+ return false; |
+ } |
+ |
+ // Service workers can handle fetches of third-party resources and inject |
+ // arbitrary headers. Ignore responses that came from a service worker, |
+ // as supporting Clear-Site-Data would give them the power to delete data from |
+ // any website. |
falken
2017/05/17 07:37:00
Maybe worth linking to https://w3c.github.io/webap
msramek
2017/05/17 13:46:37
Done.
|
+ const ServiceWorkerResponseInfo* response_info = |
+ ServiceWorkerResponseInfo::ForRequest(request_); |
+ if (response_info) { |
+ ResourceResponseInfo extra_response_info; |
+ response_info->GetExtraResponseInfo(&extra_response_info); |
+ |
+ if (extra_response_info.was_fetched_via_service_worker) { |
falken
2017/05/17 07:37:00
Does the spec care if the response came from a for
msramek
2017/05/17 13:46:37
Yes, that was my understanding too - thanks for co
|
+ delegate_->AddMessage( |
+ request_->url(), |
+ "Ignoring, as the response came from a service worker.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
+ return false; |
+ } |
+ } |
bool clear_cookies; |
bool clear_storage; |
bool clear_cache; |
if (!ParseHeader(header_value, &clear_cookies, &clear_storage, &clear_cache, |
- &messages_)) { |
- return; |
+ delegate_.get(), request_->url())) { |
+ return false; |
} |
+ // If the header is valid, clear the data for this browser context and origin. |
+ clearing_started_ = base::TimeTicks::Now(); |
+ |
// Record the call parameters. |
UMA_HISTOGRAM_ENUMERATION( |
"Navigation.ClearSiteData.Parameters", |
ParametersMask(clear_cookies, clear_storage, clear_cache), (1 << 3)); |
- // If the header is valid, clear the data for this browser context and origin. |
- BrowserContext* browser_context = |
- navigation_handle()->GetWebContents()->GetBrowserContext(); |
- url::Origin origin(current_url_); |
+ base::WeakPtr<ClearSiteDataThrottle> weak_ptr = |
+ weak_ptr_factory_.GetWeakPtr(); |
- if (origin.unique()) { |
- ConsoleLog(&messages_, current_url_, "Not supported for unique origins.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
- return; |
- } |
+ // Immediately bind the weak pointer to the current thread (IO). This will |
+ // make a potential misuse on the UI thread DCHECK immediately rather than |
+ // later when it's correctly used on the IO thread again. |
+ weak_ptr.get(); |
- clearing_in_progress_ = true; |
- clearing_started_ = base::TimeTicks::Now(); |
- GetContentClient()->browser()->ClearSiteData( |
- browser_context, origin, clear_cookies, clear_storage, clear_cache, |
- base::Bind(&ClearSiteDataThrottle::TaskFinished, |
- weak_ptr_factory_.GetWeakPtr())); |
+ ExecuteClearingTask( |
+ origin, clear_cookies, clear_storage, clear_cache, |
+ base::Bind(&ClearSiteDataThrottle::TaskFinished, weak_ptr)); |
+ |
+ return true; |
} |
+// static |
bool ClearSiteDataThrottle::ParseHeader(const std::string& header, |
bool* clear_cookies, |
bool* clear_storage, |
bool* clear_cache, |
- std::vector<ConsoleMessage>* messages) { |
+ ConsoleMessagesDelegate* delegate, |
+ const GURL& current_url) { |
if (!base::IsStringASCII(header)) { |
- ConsoleLog(messages, current_url_, "Must only contain ASCII characters.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
+ delegate->AddMessage(current_url, "Must only contain ASCII characters.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
return false; |
} |
std::unique_ptr<base::Value> parsed_header = base::JSONReader::Read(header); |
if (!parsed_header) { |
- ConsoleLog(messages, current_url_, "Not a valid JSON.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
+ delegate->AddMessage(current_url, "Not a valid JSON.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
return false; |
} |
@@ -197,9 +400,9 @@ bool ClearSiteDataThrottle::ParseHeader(const std::string& header, |
const base::ListValue* types = nullptr; |
if (!parsed_header->GetAsDictionary(&dictionary) || |
!dictionary->GetListWithoutPathExpansion(kTypesKey, &types)) { |
- ConsoleLog(messages, current_url_, |
- "Expecting a JSON dictionary with a 'types' field.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
+ delegate->AddMessage(current_url, |
+ "Expecting a JSON dictionary with a 'types' field.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
return false; |
} |
@@ -226,9 +429,9 @@ bool ClearSiteDataThrottle::ParseHeader(const std::string& header, |
std::string serialized_type; |
JSONStringValueSerializer serializer(&serialized_type); |
serializer.Serialize(value); |
- ConsoleLog( |
- messages, current_url_, |
- base::StringPrintf("Invalid type: %s.", serialized_type.c_str()), |
+ delegate->AddMessage( |
+ current_url, |
+ base::StringPrintf("Unrecognized type: %s.", serialized_type.c_str()), |
CONSOLE_MESSAGE_LEVEL_ERROR); |
continue; |
} |
@@ -243,9 +446,9 @@ bool ClearSiteDataThrottle::ParseHeader(const std::string& header, |
} |
if (!*clear_cookies && !*clear_storage && !*clear_cache) { |
- ConsoleLog(messages, current_url_, |
- "No valid types specified in the 'types' field.", |
- CONSOLE_MESSAGE_LEVEL_ERROR); |
+ delegate->AddMessage(current_url, |
+ "No recognized types specified in the 'types' field.", |
+ CONSOLE_MESSAGE_LEVEL_ERROR); |
return false; |
} |
@@ -266,21 +469,37 @@ bool ClearSiteDataThrottle::ParseHeader(const std::string& header, |
default: |
NOTREACHED(); |
} |
- ConsoleLog(messages, current_url_, output, CONSOLE_MESSAGE_LEVEL_INFO); |
+ delegate->AddMessage(current_url, output, CONSOLE_MESSAGE_LEVEL_INFO); |
return true; |
} |
-void ClearSiteDataThrottle::TaskFinished() { |
- DCHECK(clearing_in_progress_); |
- clearing_in_progress_ = false; |
+const net::HttpResponseHeaders* ClearSiteDataThrottle::GetResponseHeaders() |
+ const { |
+ return request_->response_headers(); |
+} |
+ |
+void ClearSiteDataThrottle::ExecuteClearingTask(const url::Origin& origin, |
+ bool clear_cookies, |
+ bool clear_storage, |
+ bool clear_cache, |
+ const base::Closure& callback) { |
+ DCHECK_CURRENTLY_ON(BrowserThread::IO); |
+ BrowserThread::PostTask( |
+ BrowserThread::UI, FROM_HERE, |
+ base::Bind(&ClearSiteDataOnUIThread, |
+ ResourceRequestInfo::ForRequest(request_) |
+ ->GetWebContentsGetterForRequest(), |
+ origin, clear_cookies, clear_storage, clear_cache, callback)); |
+} |
+void ClearSiteDataThrottle::TaskFinished() { |
UMA_HISTOGRAM_CUSTOM_TIMES("Navigation.ClearSiteData.Duration", |
base::TimeTicks::Now() - clearing_started_, |
base::TimeDelta::FromMilliseconds(1), |
base::TimeDelta::FromSeconds(1), 50); |
- navigation_handle()->Resume(); |
+ Resume(); |
} |
} // namespace content |