Expose malware/phishing/etc. distinction from SafeBrowsingUIManager

chrome/browser/safe_browsing/ui_manager.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/ui_manager.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
 #include "base/debug/leak_tracker.h"
@@ skipping 21 matching lines @@
 #include "ipc/ipc_message.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
 #include "net/ssl/ssl_info.h"
 #include "net/url_request/url_request_context.h"
 #include "net/url_request/url_request_context_getter.h"
 
 using content::BrowserThread;
 using content::NavigationEntry;
 using content::WebContents;
 using safe_browsing::HitReport;
+using safe_browsing::SBThreatType;
 
 namespace {
 
 const void* const kWhitelistKey = &kWhitelistKey;
 
-// A WhitelistUrlSet holds the set of URLs that have been whitelisted for a
-// specific WebContents, along with pending entries that are still undecided.
-// The URLs in this set should come from GetWhitelistUrl() or
-// GetMainFrameWhitelistUrlForResource().
+// A WhitelistUrlSet holds the set of URLs that have been whitelisted
+// for a specific WebContents, along with pending entries that are still
+// undecided. Each URL is associated with the first SBThreatType that
+// was seen for that URL. The URLs in this set should come from
+// GetWhitelistUrl() or GetMainFrameWhitelistUrlForResource().
 class WhitelistUrlSet : public base::SupportsUserData::Data {
  public:
   WhitelistUrlSet() {}
 
-  bool Contains(const GURL url) { return set_.find(url) != set_.end(); }
+  bool Contains(const GURL url, SBThreatType* threat_type) {
+    auto found = map_.find(url);
+    if (found == map_.end())
+      return false;
+    *threat_type = found->second;
+    return true;
+  }
 
   void RemovePending(const GURL& url) { pending_.erase(url); }
 
-  void Insert(const GURL url) {
-    set_.insert(url);
+  void Insert(const GURL url, SBThreatType threat_type) {
+    SBThreatType existing_threat_type;
+    if (Contains(url, &existing_threat_type))

[Nathan Parker, 2016/11/10 00:13:03]

I'm not sure this should ever happen.  Can you think of a case? It seems like
the safe route though, so the threat_type doesn't change on a page.

[estark, 2016/11/11 20:28:13]

Hmm. I can't think of a case where this does happen, but I think this code
probably shouldn't assume that it doesn't happen.

+      return;
+    map_[url] = threat_type;
     RemovePending(url);
   }
 
-  bool ContainsPending(const GURL url) {
-    return pending_.find(url) != pending_.end();
+  bool ContainsPending(const GURL& url, SBThreatType* threat_type) {
+    auto found = pending_.find(url);
+    if (found == pending_.end())
+      return false;
+    *threat_type = found->second;
+    return true;
   }
 
-  void InsertPending(const GURL url) { pending_.insert(url); }
+  void InsertPending(const GURL url, SBThreatType threat_type) {
+    SBThreatType existing_threat_type;
+    if (ContainsPending(url, &existing_threat_type))
+      return;
+    pending_[url] = threat_type;
+  }
 
  private:
-  std::set<GURL> set_;
-  std::set<GURL> pending_;
+  std::map<GURL, SBThreatType> map_;
+  std::map<GURL, SBThreatType> pending_;
 
   DISALLOW_COPY_AND_ASSIGN(WhitelistUrlSet);
 };
 
 // Returns the URL that should be used in a WhitelistUrlSet for the given
 // |resource|.
 GURL GetMainFrameWhitelistUrlForResource(
     const safe_browsing::SafeBrowsingUIManager::UnsafeResource& resource) {
   if (resource.is_subresource) {
     NavigationEntry* entry = resource.GetNavigationEntryForResource();
@@ skipping 115 matching lines @@
       DCHECK(resource.callback_thread);
       resource.callback_thread->PostTask(
           FROM_HERE, base::Bind(resource.callback, proceed));
     }
 
     GURL whitelist_url = GetWhitelistUrl(
         main_frame_url, false /* is subresource */,
         nullptr /* no navigation entry needed for main resource */);
     if (proceed) {
       AddToWhitelistUrlSet(whitelist_url, web_contents,
-                           false /* Pending -> permanent */);
+                           false /* Pending -> permanent */,
+                           resource.threat_type);
     } else if (web_contents) {
       // |web_contents| doesn't exist if the tab has been closed.
       RemoveFromPendingWhitelistUrlSet(whitelist_url, web_contents);
     }
   }
 }
 
 void SafeBrowsingUIManager::DisplayBlockingPage(
     const UnsafeResource& resource) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
@@ skipping 76 matching lines @@
 
     MaybeReportSafeBrowsingHit(hit_report);
   }
 
   if (resource.threat_type != SB_THREAT_TYPE_SAFE) {
     for (Observer& observer : observer_list_)
       observer.OnSafeBrowsingHit(resource);
   }
   AddToWhitelistUrlSet(GetMainFrameWhitelistUrlForResource(resource),
                        resource.web_contents_getter.Run(),
-                       true /* A decision is now pending */);
+                       true /* A decision is now pending */,
+                       resource.threat_type);
   SafeBrowsingBlockingPage::ShowBlockingPage(this, resource);
 }
 
 // A safebrowsing hit is sent after a blocking page for malware/phishing
 // or after the warning dialog for download urls, only for
 // UMA || extended_reporting users.
 void SafeBrowsingUIManager::MaybeReportSafeBrowsingHit(
     const HitReport& hit_report) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
@@ skipping 98 matching lines @@
     sb_service_->ping_manager()->ReportThreatDetails(serialized);
   }
 }
 
 // Record this domain in the given WebContents as either whitelisted or
 // pending whitelisting (if an interstitial is currently displayed). If an
 // existing WhitelistUrlSet does not yet exist, create a new WhitelistUrlSet.
 void SafeBrowsingUIManager::AddToWhitelistUrlSet(
     const GURL& whitelist_url,
     content::WebContents* web_contents,
-    bool pending) {
+    bool pending,
+    SBThreatType threat_type) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
   // A WebContents might not exist if the tab has been closed.
   if (!web_contents)
     return;
 
   WhitelistUrlSet* site_list = GetOrCreateWhitelist(web_contents);
 
   if (whitelist_url.is_empty())
     return;
 
   if (pending) {
-    site_list->InsertPending(whitelist_url);
+    site_list->InsertPending(whitelist_url, threat_type);
   } else {
-    site_list->Insert(whitelist_url);
+    site_list->Insert(whitelist_url, threat_type);
   }
 
   // Notify security UI that security state has changed.
   web_contents->DidChangeVisibleSecurityState();
 }
 
 void SafeBrowsingUIManager::RemoveFromPendingWhitelistUrlSet(
     const GURL& whitelist_url,
     content::WebContents* web_contents) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
@@ skipping 16 matching lines @@
   // appears in the pending whitelist. In the common case, it's expected
   // that a URL is in the pending whitelist when it is removed, but it's
   // not always the case. For example, if there are several blocking
   // pages queued up for different resources on the same page, and the
   // user goes back to dimiss the first one, the subsequent blocking
   // pages get dismissed as well (as if the user had clicked "Back to
   // safety" on each of them). In this case, the first dismissal will
   // remove the main-frame URL from the pending whitelist, so the
   // main-frame URL will have already been removed when the subsequent
   // blocking pages are dismissed.
-  if (site_list->ContainsPending(whitelist_url))
+  SBThreatType threat_type;
+  if (site_list->ContainsPending(whitelist_url, &threat_type))

[Nathan Parker, 2016/11/10 00:13:03]

nit: How about passing a nullptr, and having the function check for that?
That'll avoid an unused var here. Otherwise, rename it to |unused_threat_type|.

Same nullptr below.

[estark, 2016/11/11 20:28:13]

Done.

     site_list->RemovePending(whitelist_url);
 
   // Notify security UI that security state has changed.
   web_contents->DidChangeVisibleSecurityState();
 }
 
 bool SafeBrowsingUIManager::IsWhitelisted(const UnsafeResource& resource) {
   NavigationEntry* entry = nullptr;
   if (resource.is_subresource) {
     entry = resource.GetNavigationEntryForResource();
   }
+  SBThreatType unused_threat_type;
   return IsUrlWhitelistedOrPendingForWebContents(
       resource.url, resource.is_subresource, entry,
-      resource.web_contents_getter.Run(), true);
+      resource.web_contents_getter.Run(), true, &unused_threat_type);
 }
 
 // Check if the user has already seen and/or ignored a SB warning for this
 // WebContents and top-level domain.
 bool SafeBrowsingUIManager::IsUrlWhitelistedOrPendingForWebContents(
     const GURL& url,
     bool is_subresource,
     NavigationEntry* entry,
     content::WebContents* web_contents,
-    bool whitelist_only) {
+    bool whitelist_only,
+    SBThreatType* threat_type) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
 
   GURL lookup_url = GetWhitelistUrl(url, is_subresource, entry);
   if (lookup_url.is_empty())
     return false;
 
   WhitelistUrlSet* site_list =
       static_cast<WhitelistUrlSet*>(web_contents->GetUserData(kWhitelistKey));
   if (!site_list)
     return false;
 
-  bool whitelisted = site_list->Contains(lookup_url);
+  bool whitelisted = site_list->Contains(lookup_url, threat_type);
   if (whitelist_only) {
     return whitelisted;
   } else {
-    return whitelisted || site_list->ContainsPending(lookup_url);
+    return whitelisted || site_list->ContainsPending(lookup_url, threat_type);
   }
 }
 
 // Static.
 GURL SafeBrowsingUIManager::GetMainFrameWhitelistUrlForResourceForTesting(
     const safe_browsing::SafeBrowsingUIManager::UnsafeResource& resource) {
   return GetMainFrameWhitelistUrlForResource(resource);
 }
 
 }  // namespace safe_browsing