Chromium Code Reviews Chromium Code Reviews
Issue 252613002:
Domain Reliability: More security review. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/domain_reliability/config.h" | 5 #include "components/domain_reliability/config.h" |
| 6 | 6 |
| 7 #include <limits.h> | |
|
Ryan Sleevi
2014/05/06 22:50:41
it's stdint.h, not limits.h, that defines SIZE_MAX
Deprecated (see juliatuttle)
2014/05/07 02:36:07
Done.
| |
| 8 | |
| 7 #include "base/json/json_reader.h" | 9 #include "base/json/json_reader.h" |
| 8 #include "base/json/json_value_converter.h" | 10 #include "base/json/json_value_converter.h" |
| 9 #include "base/rand_util.h" | 11 #include "base/rand_util.h" |
| 10 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
| 11 | 13 |
| 12 namespace { | 14 namespace { |
| 13 | 15 |
| 14 bool ConvertURL(const base::StringPiece& string_piece, GURL* url) { | 16 bool ConvertURL(const base::StringPiece& string_piece, GURL* url) { |
| 15 *url = GURL(string_piece.as_string()); | 17 *url = GURL(string_piece.as_string()); |
| 16 return url->is_valid(); | 18 return url->is_valid(); |
| 17 } | 19 } |
| 18 | 20 |
| 19 bool IsValidSampleRate(double p) { return p >= 0.0 && p <= 1.0; } | 21 bool IsValidSampleRate(double p) { return p >= 0.0 && p <= 1.0; } |
| 20 | 22 |
| 21 } // namespace | 23 } // namespace |
| 22 | 24 |
| 23 namespace domain_reliability { | 25 namespace domain_reliability { |
| 24 | 26 |
| 25 DomainReliabilityConfig::Resource::Resource() {} | 27 // static |
| 28 const size_t DomainReliabilityConfig::kInvalidResourceIndex = SIZE_MAX; | |
| 26 | 29 |
| 30 DomainReliabilityConfig::Resource::Resource() { | |
| 31 } | |
| 27 DomainReliabilityConfig::Resource::~Resource() {} | 32 DomainReliabilityConfig::Resource::~Resource() {} |
| 28 | 33 |
| 29 bool DomainReliabilityConfig::Resource::MatchesUrlString( | 34 bool DomainReliabilityConfig::Resource::MatchesUrl(const GURL& url) const { |
| 30 const std::string& url_string) const { | 35 const std::string& spec = url.spec(); |
| 36 | |
| 31 ScopedVector<std::string>::const_iterator it; | 37 ScopedVector<std::string>::const_iterator it; |
| 32 | |
| 33 for (it = url_patterns.begin(); it != url_patterns.end(); it++) { | 38 for (it = url_patterns.begin(); it != url_patterns.end(); it++) { |
| 34 if (MatchPattern(url_string, **it)) | 39 if (MatchPattern(spec, **it)) |
| 35 return true; | 40 return true; |
| 36 } | 41 } |
| 37 | 42 |
| 38 return false; | 43 return false; |
| 39 } | 44 } |
| 40 | 45 |
| 41 bool DomainReliabilityConfig::Resource::DecideIfShouldReportRequest( | 46 bool DomainReliabilityConfig::Resource::DecideIfShouldReportRequest( |
| 42 bool success) const { | 47 bool success) const { |
| 43 double sample_rate = success ? success_sample_rate : failure_sample_rate; | 48 double sample_rate = success ? success_sample_rate : failure_sample_rate; |
| 49 DCHECK(IsValidSampleRate(sample_rate)); | |
| 44 return base::RandDouble() < sample_rate; | 50 return base::RandDouble() < sample_rate; |
| 45 } | 51 } |
| 46 | 52 |
| 47 // static | 53 // static |
| 48 void DomainReliabilityConfig::Resource::RegisterJSONConverter( | 54 void DomainReliabilityConfig::Resource::RegisterJSONConverter( |
| 49 base::JSONValueConverter<DomainReliabilityConfig::Resource>* converter) { | 55 base::JSONValueConverter<DomainReliabilityConfig::Resource>* converter) { |
| 50 converter->RegisterStringField("resource_name", &Resource::name); | 56 converter->RegisterStringField("resource_name", &Resource::name); |
| 51 converter->RegisterRepeatedString("url_patterns", &Resource::url_patterns); | 57 converter->RegisterRepeatedString("url_patterns", &Resource::url_patterns); |
| 52 converter->RegisterDoubleField("success_sample_rate", | 58 converter->RegisterDoubleField("success_sample_rate", |
| 53 &Resource::success_sample_rate); | 59 &Resource::success_sample_rate); |
| 54 converter->RegisterDoubleField("failure_sample_rate", | 60 converter->RegisterDoubleField("failure_sample_rate", |
| 55 &Resource::failure_sample_rate); | 61 &Resource::failure_sample_rate); |
| 56 } | 62 } |
| 57 | 63 |
| 58 bool DomainReliabilityConfig::Resource::IsValid() const { | 64 bool DomainReliabilityConfig::Resource::IsValid() const { |
| 59 return !name.empty() && !url_patterns.empty() && | 65 return !name.empty() && !url_patterns.empty() && |
| 60 IsValidSampleRate(success_sample_rate) && | 66 IsValidSampleRate(success_sample_rate) && |
| 61 IsValidSampleRate(failure_sample_rate); | 67 IsValidSampleRate(failure_sample_rate); |
| 62 } | 68 } |
| 63 | 69 |
| 64 DomainReliabilityConfig::Collector::Collector() {} | 70 DomainReliabilityConfig::Collector::Collector() {} |
| 65 | |
| 66 DomainReliabilityConfig::Collector::~Collector() {} | 71 DomainReliabilityConfig::Collector::~Collector() {} |
| 67 | 72 |
| 68 // static | 73 // static |
| 69 void DomainReliabilityConfig::Collector::RegisterJSONConverter( | 74 void DomainReliabilityConfig::Collector::RegisterJSONConverter( |
| 70 base::JSONValueConverter<DomainReliabilityConfig::Collector>* converter) { | 75 base::JSONValueConverter<DomainReliabilityConfig::Collector>* converter) { |
| 71 converter->RegisterCustomField<GURL>("upload_url", &Collector::upload_url, | 76 converter->RegisterCustomField<GURL>("upload_url", &Collector::upload_url, |
| 72 &ConvertURL); | 77 &ConvertURL); |
| 73 } | 78 } |
| 74 | 79 |
| 75 bool DomainReliabilityConfig::Collector::IsValid() const { | 80 bool DomainReliabilityConfig::Collector::IsValid() const { |
| 76 return upload_url.is_valid(); | 81 return upload_url.is_valid(); |
| 77 } | 82 } |
| 78 | 83 |
| 79 DomainReliabilityConfig::DomainReliabilityConfig() : valid_until(0.0) {} | 84 DomainReliabilityConfig::DomainReliabilityConfig() : valid_until(0.0) {} |
| 80 | |
| 81 DomainReliabilityConfig::~DomainReliabilityConfig() {} | 85 DomainReliabilityConfig::~DomainReliabilityConfig() {} |
| 82 | 86 |
| 83 // static | 87 // static |
| 84 scoped_ptr<const DomainReliabilityConfig> DomainReliabilityConfig::FromJSON( | 88 scoped_ptr<const DomainReliabilityConfig> DomainReliabilityConfig::FromJSON( |
| 85 const base::StringPiece& json) { | 89 const base::StringPiece& json) { |
| 86 scoped_ptr<base::Value> value(base::JSONReader::Read(json)); | 90 scoped_ptr<base::Value> value(base::JSONReader::Read(json)); |
| 87 if (!value) | 91 base::JSONValueConverter<DomainReliabilityConfig> converter; |
| 92 DomainReliabilityConfig* config = new DomainReliabilityConfig(); | |
| 93 | |
| 94 // If we can parse and convert the JSON into a valid config, return that. | |
| 95 if (value && converter.Convert(*value, config) && config->IsValid()) | |
| 96 return scoped_ptr<const DomainReliabilityConfig>(config); | |
| 97 else | |
| 88 return scoped_ptr<const DomainReliabilityConfig>(); | 98 return scoped_ptr<const DomainReliabilityConfig>(); |
| 89 | |
| 90 DomainReliabilityConfig* config = new DomainReliabilityConfig(); | |
| 91 base::JSONValueConverter<DomainReliabilityConfig> converter; | |
| 92 if (!converter.Convert(*value, config)) { | |
| 93 return scoped_ptr<const DomainReliabilityConfig>(); | |
| 94 } | |
| 95 | |
| 96 if (!config->IsValid()) | |
| 97 return scoped_ptr<const DomainReliabilityConfig>(); | |
| 98 | |
| 99 return scoped_ptr<const DomainReliabilityConfig>(config); | |
| 100 } | 99 } |
| 101 | 100 |
| 102 bool DomainReliabilityConfig::IsValid() const { | 101 bool DomainReliabilityConfig::IsValid() const { |
| 103 if (valid_until == 0.0 || domain.empty() || version.empty() || | 102 if (valid_until == 0.0 || domain.empty() || version.empty() || |
| 104 resources.empty() || collectors.empty()) { | 103 resources.empty() || collectors.empty()) { |
| 105 return false; | 104 return false; |
| 106 } | 105 } |
| 107 | 106 |
| 108 for (size_t i = 0; i < resources.size(); ++i) { | 107 for (size_t i = 0; i < resources.size(); ++i) { |
| 109 if (!resources[i]->IsValid()) | 108 if (!resources[i]->IsValid()) |
| 110 return false; | 109 return false; |
| 111 } | 110 } |
| 112 | 111 |
| 113 for (size_t i = 0; i < collectors.size(); ++i) { | 112 for (size_t i = 0; i < collectors.size(); ++i) { |
| 114 if (!collectors[i]->IsValid()) | 113 if (!collectors[i]->IsValid()) |
| 115 return false; | 114 return false; |
| 116 } | 115 } |
| 117 | 116 |
| 118 return true; | 117 return true; |
| 119 } | 118 } |
| 120 | 119 |
| 121 bool DomainReliabilityConfig::IsExpired(base::Time now) const { | 120 bool DomainReliabilityConfig::IsExpired(base::Time now) const { |
| 121 DCHECK_NE(0.0, valid_until); | |
| 122 base::Time valid_until_time = base::Time::FromDoubleT(valid_until); | 122 base::Time valid_until_time = base::Time::FromDoubleT(valid_until); |
| 123 return now > valid_until_time; | 123 return now > valid_until_time; |
| 124 } | 124 } |
| 125 | 125 |
| 126 int DomainReliabilityConfig::GetResourceIndexForUrl(const GURL& url) const { | 126 size_t DomainReliabilityConfig::GetResourceIndexForUrl(const GURL& url) const { |
| 127 const std::string& url_string = url.spec(); | 127 // Removes username, password, and fragment. |
| 128 GURL sanitized_url = url.GetAsReferrer(); | |
| 128 | 129 |
| 129 for (size_t i = 0; i < resources.size(); ++i) { | 130 for (size_t i = 0; i < resources.size(); ++i) { |
| 130 if (resources[i]->MatchesUrlString(url_string)) | 131 if (resources[i]->MatchesUrl(sanitized_url)) |
| 131 return static_cast<int>(i); | 132 return i; |
| 132 } | 133 } |
| 133 | 134 |
| 134 return -1; | 135 return kInvalidResourceIndex; |
| 135 } | 136 } |
| 136 | 137 |
| 137 // static | 138 // static |
| 138 void DomainReliabilityConfig::RegisterJSONConverter( | 139 void DomainReliabilityConfig::RegisterJSONConverter( |
| 139 base::JSONValueConverter<DomainReliabilityConfig>* converter) { | 140 base::JSONValueConverter<DomainReliabilityConfig>* converter) { |
| 140 converter->RegisterStringField("config_version", | 141 converter->RegisterStringField("config_version", |
| 141 &DomainReliabilityConfig::version); | 142 &DomainReliabilityConfig::version); |
| 142 converter->RegisterDoubleField("config_valid_until", | 143 converter->RegisterDoubleField("config_valid_until", |
| 143 &DomainReliabilityConfig::valid_until); | 144 &DomainReliabilityConfig::valid_until); |
| 144 converter->RegisterStringField("monitored_domain", | 145 converter->RegisterStringField("monitored_domain", |
| 145 &DomainReliabilityConfig::domain); | 146 &DomainReliabilityConfig::domain); |
| 146 converter->RegisterRepeatedMessage("monitored_resources", | 147 converter->RegisterRepeatedMessage("monitored_resources", |
| 147 &DomainReliabilityConfig::resources); | 148 &DomainReliabilityConfig::resources); |
| 148 converter->RegisterRepeatedMessage("collectors", | 149 converter->RegisterRepeatedMessage("collectors", |
| 149 &DomainReliabilityConfig::collectors); | 150 &DomainReliabilityConfig::collectors); |
| 150 } | 151 } |
| 151 | 152 |
| 152 } // namespace domain_reliability | 153 } // namespace domain_reliability |
| OLD | NEW |
