| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/download/download_manager_impl.h" | 5 #include "content/browser/download/download_manager_impl.h" |
| 6 | 6 |
| 7 #include <iterator> | 7 #include <iterator> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/callback.h" | 11 #include "base/callback.h" |
| 12 #include "base/debug/alias.h" | 12 #include "base/debug/alias.h" |
| 13 #include "base/i18n/case_conversion.h" | 13 #include "base/i18n/case_conversion.h" |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/memory/ptr_util.h" | 15 #include "base/memory/ptr_util.h" |
| 16 #include "base/memory/weak_ptr.h" | 16 #include "base/memory/weak_ptr.h" |
| 17 #include "base/message_loop/message_loop.h" | 17 #include "base/message_loop/message_loop.h" |
| 18 #include "base/metrics/histogram_macros.h" |
| 18 #include "base/stl_util.h" | 19 #include "base/stl_util.h" |
| 19 #include "base/strings/stringprintf.h" | 20 #include "base/strings/stringprintf.h" |
| 20 #include "base/strings/sys_string_conversions.h" | 21 #include "base/strings/sys_string_conversions.h" |
| 21 #include "base/supports_user_data.h" | 22 #include "base/supports_user_data.h" |
| 22 #include "base/synchronization/lock.h" | 23 #include "base/synchronization/lock.h" |
| 23 #include "build/build_config.h" | 24 #include "build/build_config.h" |
| 24 #include "content/browser/byte_stream.h" | 25 #include "content/browser/byte_stream.h" |
| 25 #include "content/browser/child_process_security_policy_impl.h" | 26 #include "content/browser/child_process_security_policy_impl.h" |
| 26 #include "content/browser/download/download_create_info.h" | 27 #include "content/browser/download/download_create_info.h" |
| 27 #include "content/browser/download/download_file_factory.h" | 28 #include "content/browser/download/download_file_factory.h" |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 102 base::Passed(&empty_byte_stream), params->callback())); | 103 base::Passed(&empty_byte_stream), params->callback())); |
| 103 return nullptr; | 104 return nullptr; |
| 104 } | 105 } |
| 105 | 106 |
| 106 return std::unique_ptr<UrlDownloader, BrowserThread::DeleteOnIOThread>( | 107 return std::unique_ptr<UrlDownloader, BrowserThread::DeleteOnIOThread>( |
| 107 UrlDownloader::BeginDownload(download_manager, std::move(url_request), | 108 UrlDownloader::BeginDownload(download_manager, std::move(url_request), |
| 108 params->referrer()) | 109 params->referrer()) |
| 109 .release()); | 110 .release()); |
| 110 } | 111 } |
| 111 | 112 |
| 113 // Enumerate for histogramming purposes. |
| 114 // DO NOT CHANGE THE ORDERING OF THESE VALUES. |
| 115 enum DownloadConnectionSecurity { |
| 116 DOWNLOAD_SECURE, // Final download url and its redirects all use https |
| 117 DOWNLOAD_TARGET_INSECURE, // Final download url uses http, redirects are all |
| 118 // https |
| 119 DOWNLOAD_REDIRECT_INSECURE, // Final download url uses https, but at least |
| 120 // one redirect uses http |
| 121 DOWNLOAD_REDIRECT_TARGET_INSECURE, // Final download url uses http, and at |
| 122 // least one redirect uses http |
| 123 DOWNLOAD_NONE_HTTPX, // Final download url uses scheme other than http/https |
| 124 DOWNLOAD_CONNECTION_SECURITY_MAX |
| 125 }; |
| 126 |
| 127 void RecordDownloadConnectionSecurity(const GURL& download_url, |
| 128 const std::vector<GURL>& url_chain) { |
| 129 DownloadConnectionSecurity state = |
| 130 DownloadConnectionSecurity::DOWNLOAD_NONE_HTTPX; |
| 131 if (download_url.SchemeIsHTTPOrHTTPS()) { |
| 132 bool is_final_download_secure = download_url.SchemeIs(url::kHttpsScheme); |
| 133 bool is_redirect_chain_secure = true; |
| 134 if (url_chain.size()>std::size_t(1)) { |
| 135 for (std::size_t i = std::size_t(0); i < url_chain.size() - 1; i++) { |
| 136 if (!url_chain[i].SchemeIsCryptographic()) { |
| 137 is_redirect_chain_secure = false; |
| 138 break; |
| 139 } |
| 140 } |
| 141 } |
| 142 state = is_final_download_secure |
| 143 ? is_redirect_chain_secure ? DOWNLOAD_SECURE |
| 144 : DOWNLOAD_REDIRECT_INSECURE |
| 145 : is_redirect_chain_secure ? DOWNLOAD_TARGET_INSECURE |
| 146 : DOWNLOAD_REDIRECT_TARGET_INSECURE; |
| 147 } |
| 148 |
| 149 UMA_HISTOGRAM_ENUMERATION("Download.TargetConnectionSecurity", state, |
| 150 DOWNLOAD_CONNECTION_SECURITY_MAX); |
| 151 } |
| 152 |
| 112 class DownloadItemFactoryImpl : public DownloadItemFactory { | 153 class DownloadItemFactoryImpl : public DownloadItemFactory { |
| 113 public: | 154 public: |
| 114 DownloadItemFactoryImpl() {} | 155 DownloadItemFactoryImpl() {} |
| 115 ~DownloadItemFactoryImpl() override {} | 156 ~DownloadItemFactoryImpl() override {} |
| 116 | 157 |
| 117 DownloadItemImpl* CreatePersistedItem( | 158 DownloadItemImpl* CreatePersistedItem( |
| 118 DownloadItemImplDelegate* delegate, | 159 DownloadItemImplDelegate* delegate, |
| 119 const std::string& guid, | 160 const std::string& guid, |
| 120 uint32_t download_id, | 161 uint32_t download_id, |
| 121 const base::FilePath& current_path, | 162 const base::FilePath& current_path, |
| (...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 302 const DownloadUrlParameters::OnStartedCallback& on_started) { | 343 const DownloadUrlParameters::OnStartedCallback& on_started) { |
| 303 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 344 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 304 DCHECK(info); | 345 DCHECK(info); |
| 305 // |stream| is only non-nil if the download request was successful. | 346 // |stream| is only non-nil if the download request was successful. |
| 306 DCHECK((info->result == DOWNLOAD_INTERRUPT_REASON_NONE && stream.get()) || | 347 DCHECK((info->result == DOWNLOAD_INTERRUPT_REASON_NONE && stream.get()) || |
| 307 (info->result != DOWNLOAD_INTERRUPT_REASON_NONE && !stream.get())); | 348 (info->result != DOWNLOAD_INTERRUPT_REASON_NONE && !stream.get())); |
| 308 DVLOG(20) << __func__ | 349 DVLOG(20) << __func__ |
| 309 << "() result=" << DownloadInterruptReasonToString(info->result); | 350 << "() result=" << DownloadInterruptReasonToString(info->result); |
| 310 uint32_t download_id = info->download_id; | 351 uint32_t download_id = info->download_id; |
| 311 const bool new_download = (download_id == content::DownloadItem::kInvalidId); | 352 const bool new_download = (download_id == content::DownloadItem::kInvalidId); |
| 353 if (new_download) |
| 354 RecordDownloadConnectionSecurity(info->url(), info->url_chain); |
| 312 base::Callback<void(uint32_t)> got_id(base::Bind( | 355 base::Callback<void(uint32_t)> got_id(base::Bind( |
| 313 &DownloadManagerImpl::StartDownloadWithId, weak_factory_.GetWeakPtr(), | 356 &DownloadManagerImpl::StartDownloadWithId, weak_factory_.GetWeakPtr(), |
| 314 base::Passed(&info), base::Passed(&stream), on_started, new_download)); | 357 base::Passed(&info), base::Passed(&stream), on_started, new_download)); |
| 315 if (new_download) { | 358 if (new_download) { |
| 316 GetNextId(got_id); | 359 GetNextId(got_id); |
| 317 } else { | 360 } else { |
| 318 got_id.Run(download_id); | 361 got_id.Run(download_id); |
| 319 } | 362 } |
| 320 } | 363 } |
| 321 | 364 |
| (...skipping 434 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 756 if (delegate_) | 799 if (delegate_) |
| 757 delegate_->OpenDownload(download); | 800 delegate_->OpenDownload(download); |
| 758 } | 801 } |
| 759 | 802 |
| 760 void DownloadManagerImpl::ShowDownloadInShell(DownloadItemImpl* download) { | 803 void DownloadManagerImpl::ShowDownloadInShell(DownloadItemImpl* download) { |
| 761 if (delegate_) | 804 if (delegate_) |
| 762 delegate_->ShowDownloadInShell(download); | 805 delegate_->ShowDownloadInShell(download); |
| 763 } | 806 } |
| 764 | 807 |
| 765 } // namespace content | 808 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2378333002:
Record download target connection security state (Closed)
