OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 | 10 |
(...skipping 20 matching lines...)
31 #include "base/time/time.h" | 31 #include "base/time/time.h" |
32 #include "build/build_config.h" | 32 #include "build/build_config.h" |
33 #include "chrome/browser/browser_process.h" | 33 #include "chrome/browser/browser_process.h" |
34 #include "chrome/browser/history/history_service_factory.h" | 34 #include "chrome/browser/history/history_service_factory.h" |
35 #include "chrome/browser/metrics/chrome_metrics_service_accessor.h" | 35 #include "chrome/browser/metrics/chrome_metrics_service_accessor.h" |
36 #include "chrome/browser/profiles/profile.h" | 36 #include "chrome/browser/profiles/profile.h" |
37 #include "chrome/browser/profiles/profile_manager.h" | 37 #include "chrome/browser/profiles/profile_manager.h" |
38 #include "chrome/browser/safe_browsing/download_feedback_service.h" | 38 #include "chrome/browser/safe_browsing/download_feedback_service.h" |
39 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 39 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
40 #include "chrome/browser/safe_browsing/sandboxed_zip_analyzer.h" | 40 #include "chrome/browser/safe_browsing/sandboxed_zip_analyzer.h" |
| 41 #include "chrome/browser/sessions/session_tab_helper.h" |
41 #include "chrome/browser/ui/browser.h" | 42 #include "chrome/browser/ui/browser.h" |
42 #include "chrome/browser/ui/browser_list.h" | 43 #include "chrome/browser/ui/browser_list.h" |
43 #include "chrome/common/pref_names.h" | 44 #include "chrome/common/pref_names.h" |
44 #include "chrome/common/safe_browsing/binary_feature_extractor.h" | 45 #include "chrome/common/safe_browsing/binary_feature_extractor.h" |
45 #include "chrome/common/safe_browsing/csd.pb.h" | 46 #include "chrome/common/safe_browsing/csd.pb.h" |
46 #include "chrome/common/safe_browsing/download_protection_util.h" | 47 #include "chrome/common/safe_browsing/download_protection_util.h" |
47 #include "chrome/common/safe_browsing/file_type_policies.h" | 48 #include "chrome/common/safe_browsing/file_type_policies.h" |
48 #include "chrome/common/safe_browsing/zip_analyzer_results.h" | 49 #include "chrome/common/safe_browsing/zip_analyzer_results.h" |
49 #include "chrome/common/url_constants.h" | 50 #include "chrome/common/url_constants.h" |
50 #include "components/data_use_measurement/core/data_use_user_data.h" | 51 #include "components/data_use_measurement/core/data_use_user_data.h" |
(...skipping 15 matching lines...)
66 #include "net/http/http_status_code.h" | 67 #include "net/http/http_status_code.h" |
67 #include "net/url_request/url_fetcher.h" | 68 #include "net/url_request/url_fetcher.h" |
68 #include "net/url_request/url_fetcher_delegate.h" | 69 #include "net/url_request/url_fetcher_delegate.h" |
69 #include "net/url_request/url_request_status.h" | 70 #include "net/url_request/url_request_status.h" |
70 | 71 |
71 #if defined(OS_MACOSX) | 72 #if defined(OS_MACOSX) |
72 #include "chrome/browser/safe_browsing/sandboxed_dmg_analyzer_mac.h" | 73 #include "chrome/browser/safe_browsing/sandboxed_dmg_analyzer_mac.h" |
73 #endif | 74 #endif |
74 | 75 |
75 using content::BrowserThread; | 76 using content::BrowserThread; |
| 77 namespace safe_browsing { |
76 | 78 |
77 namespace { | 79 namespace { |
78 | 80 |
79 const int64_t kDownloadRequestTimeoutMs = 7000; | 81 const int64_t kDownloadRequestTimeoutMs = 7000; |
80 // We sample 1% of whitelisted downloads to still send out download pings. | 82 // We sample 1% of whitelisted downloads to still send out download pings. |
81 const double kWhitelistDownloadSampleRate = 0.01; | 83 const double kWhitelistDownloadSampleRate = 0.01; |
82 | 84 |
| 85 // The number of user gestures we trace back for download attribution. |
| 86 const int kDownloadAttributionUserGestureLimit = 2; |
| 87 |
83 const char kDownloadExtensionUmaName[] = "SBClientDownload.DownloadExtensions"; | 88 const char kDownloadExtensionUmaName[] = "SBClientDownload.DownloadExtensions"; |
84 const char kUnsupportedSchemeUmaPrefix[] = "SBClientDownload.UnsupportedScheme"; | 89 const char kUnsupportedSchemeUmaPrefix[] = "SBClientDownload.UnsupportedScheme"; |
85 | 90 |
86 enum WhitelistType { | 91 enum WhitelistType { |
87 NO_WHITELIST_MATCH, | 92 NO_WHITELIST_MATCH, |
88 URL_WHITELIST, | 93 URL_WHITELIST, |
89 SIGNATURE_WHITELIST, | 94 SIGNATURE_WHITELIST, |
90 WHITELIST_TYPE_MAX | 95 WHITELIST_TYPE_MAX |
91 }; | 96 }; |
92 | 97 |
93 void RecordCountOfWhitelistedDownload(WhitelistType type) { | 98 void RecordCountOfWhitelistedDownload(WhitelistType type) { |
94 UMA_HISTOGRAM_ENUMERATION("SBClientDownload.CheckWhitelistResult", type, | 99 UMA_HISTOGRAM_ENUMERATION("SBClientDownload.CheckWhitelistResult", type, |
95 WHITELIST_TYPE_MAX); | 100 WHITELIST_TYPE_MAX); |
96 } | 101 } |
97 | 102 |
98 } // namespace | 103 } // namespace |
99 | 104 |
100 namespace safe_browsing { | |
101 | |
102 const char DownloadProtectionService::kDownloadRequestUrl[] = | 105 const char DownloadProtectionService::kDownloadRequestUrl[] = |
103 "https://sb-ssl.google.com/safebrowsing/clientreport/download"; | 106 "https://sb-ssl.google.com/safebrowsing/clientreport/download"; |
104 | 107 |
105 const void* const DownloadProtectionService::kDownloadPingTokenKey | 108 const void* const DownloadProtectionService::kDownloadPingTokenKey |
106 = &kDownloadPingTokenKey; | 109 = &kDownloadPingTokenKey; |
107 | 110 |
108 namespace { | 111 namespace { |
109 void RecordFileExtensionType(const std::string& metric_name, | 112 void RecordFileExtensionType(const std::string& metric_name, |
110 const base::FilePath& file) { | 113 const base::FilePath& file) { |
111 UMA_HISTOGRAM_SPARSE_SLOWLY( | 114 UMA_HISTOGRAM_SPARSE_SLOWLY( |
(...skipping 883 matching lines...)
995 request.set_user_initiated(item_->HasUserGesture()); | 998 request.set_user_initiated(item_->HasUserGesture()); |
996 if (type_ == ClientDownloadRequest::SAMPLED_UNSUPPORTED_FILE) { | 999 if (type_ == ClientDownloadRequest::SAMPLED_UNSUPPORTED_FILE) { |
997 request.set_file_basename( | 1000 request.set_file_basename( |
998 base::FilePath(item_->GetTargetFilePath().Extension()) | 1001 base::FilePath(item_->GetTargetFilePath().Extension()) |
999 .AsUTF8Unsafe()); | 1002 .AsUTF8Unsafe()); |
1000 } else { | 1003 } else { |
1001 request.set_file_basename( | 1004 request.set_file_basename( |
1002 item_->GetTargetFilePath().BaseName().AsUTF8Unsafe()); | 1005 item_->GetTargetFilePath().BaseName().AsUTF8Unsafe()); |
1003 } | 1006 } |
1004 request.set_download_type(type_); | 1007 request.set_download_type(type_); |
| 1008 |
| 1009 service_->AddReferrerChainToClientDownloadRequest( |
| 1010 item_->GetURL(), |
| 1011 item_->GetWebContents(), |
| 1012 &request); |
| 1013 |
1005 if (archive_is_valid_ != ArchiveValid::UNSET) | 1014 if (archive_is_valid_ != ArchiveValid::UNSET) |
1006 request.set_archive_valid(archive_is_valid_ == ArchiveValid::VALID); | 1015 request.set_archive_valid(archive_is_valid_ == ArchiveValid::VALID); |
1007 request.mutable_signature()->CopyFrom(signature_info_); | 1016 request.mutable_signature()->CopyFrom(signature_info_); |
1008 if (image_headers_) | 1017 if (image_headers_) |
1009 request.set_allocated_image_headers(image_headers_.release()); | 1018 request.set_allocated_image_headers(image_headers_.release()); |
1010 if (archived_executable_) | 1019 if (archived_executable_) |
1011 request.mutable_archived_binary()->Swap(&archived_binary_); | 1020 request.mutable_archived_binary()->Swap(&archived_binary_); |
1012 if (!request.SerializeToString(&client_download_request_data_)) { | 1021 if (!request.SerializeToString(&client_download_request_data_)) { |
1013 FinishRequest(UNKNOWN, REASON_INVALID_REQUEST_PROTO); | 1022 FinishRequest(UNKNOWN, REASON_INVALID_REQUEST_PROTO); |
1014 return; | 1023 return; |
(...skipping 327 matching lines...)
1342 if (alternate_extension.empty()) | 1351 if (alternate_extension.empty()) |
1343 continue; | 1352 continue; |
1344 DCHECK_EQ(base::FilePath::kExtensionSeparator, alternate_extension[0]); | 1353 DCHECK_EQ(base::FilePath::kExtensionSeparator, alternate_extension[0]); |
1345 *(request.add_alternate_extensions()) = | 1354 *(request.add_alternate_extensions()) = |
1346 base::FilePath(alternate_extension).AsUTF8Unsafe(); | 1355 base::FilePath(alternate_extension).AsUTF8Unsafe(); |
1347 } | 1356 } |
1348 if (supported_path_ != default_file_path_) { | 1357 if (supported_path_ != default_file_path_) { |
1349 *(request.add_alternate_extensions()) = | 1358 *(request.add_alternate_extensions()) = |
1350 base::FilePath(default_file_path_.FinalExtension()).AsUTF8Unsafe(); | 1359 base::FilePath(default_file_path_.FinalExtension()).AsUTF8Unsafe(); |
1351 } | 1360 } |
| 1361 service_->AddReferrerChainToClientDownloadRequest( |
| 1362 requestor_url_, |
| 1363 nullptr, |
| 1364 &request); |
1352 | 1365 |
1353 if (!request.SerializeToString(&client_download_request_data_)) { | 1366 if (!request.SerializeToString(&client_download_request_data_)) { |
1354 // More of an internal error than anything else. Note that the UNKNOWN | 1367 // More of an internal error than anything else. Note that the UNKNOWN |
1355 // verdict gets interpreted as "allowed". | 1368 // verdict gets interpreted as "allowed". |
1356 Finish(RequestOutcome::REQUEST_MALFORMED, UNKNOWN); | 1369 Finish(RequestOutcome::REQUEST_MALFORMED, UNKNOWN); |
1357 return; | 1370 return; |
1358 } | 1371 } |
1359 | 1372 |
1360 service_->ppapi_download_request_callbacks_.Notify(&request); | 1373 service_->ppapi_download_request_callbacks_.Notify(&request); |
1361 DVLOG(2) << "Sending a PPAPI download request for URL: " << request.url(); | 1374 DVLOG(2) << "Sending a PPAPI download request for URL: " << request.url(); |
(...skipping 147 matching lines...)
1509 enabled_(false), | 1522 enabled_(false), |
1510 binary_feature_extractor_(new BinaryFeatureExtractor()), | 1523 binary_feature_extractor_(new BinaryFeatureExtractor()), |
1511 download_request_timeout_ms_(kDownloadRequestTimeoutMs), | 1524 download_request_timeout_ms_(kDownloadRequestTimeoutMs), |
1512 feedback_service_( | 1525 feedback_service_( |
1513 new DownloadFeedbackService(request_context_getter_.get(), | 1526 new DownloadFeedbackService(request_context_getter_.get(), |
1514 BrowserThread::GetBlockingPool())), | 1527 BrowserThread::GetBlockingPool())), |
1515 whitelist_sample_rate_(kWhitelistDownloadSampleRate) { | 1528 whitelist_sample_rate_(kWhitelistDownloadSampleRate) { |
1516 if (sb_service) { | 1529 if (sb_service) { |
1517 ui_manager_ = sb_service->ui_manager(); | 1530 ui_manager_ = sb_service->ui_manager(); |
1518 database_manager_ = sb_service->database_manager(); | 1531 database_manager_ = sb_service->database_manager(); |
| 1532 navigation_observer_manager_ = sb_service->navigation_observer_manager(); |
1519 ParseManualBlacklistFlag(); | 1533 ParseManualBlacklistFlag(); |
1520 } | 1534 } |
1521 } | 1535 } |
1522 | 1536 |
1523 DownloadProtectionService::~DownloadProtectionService() { | 1537 DownloadProtectionService::~DownloadProtectionService() { |
1524 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 1538 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
1525 CancelPendingRequests(); | 1539 CancelPendingRequests(); |
1526 } | 1540 } |
1527 | 1541 |
1528 void DownloadProtectionService::SetEnabled(bool enabled) { | 1542 void DownloadProtectionService::SetEnabled(bool enabled) { |
(...skipping 243 matching lines...)
1772 // static | 1786 // static |
1773 GURL DownloadProtectionService::GetDownloadRequestUrl() { | 1787 GURL DownloadProtectionService::GetDownloadRequestUrl() { |
1774 GURL url(kDownloadRequestUrl); | 1788 GURL url(kDownloadRequestUrl); |
1775 std::string api_key = google_apis::GetAPIKey(); | 1789 std::string api_key = google_apis::GetAPIKey(); |
1776 if (!api_key.empty()) | 1790 if (!api_key.empty()) |
1777 url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true)); | 1791 url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true)); |
1778 | 1792 |
1779 return url; | 1793 return url; |
1780 } | 1794 } |
1781 | 1795 |
| 1796 void DownloadProtectionService::AddReferrerChainToClientDownloadRequest( |
| 1797 const GURL& download_url, |
| 1798 content::WebContents* web_contents, |
| 1799 ClientDownloadRequest* out_request) { |
| 1800 if (!base::FeatureList::IsEnabled( |
| 1801 SafeBrowsingNavigationObserverManager::kDownloadAttribution) || |
| 1802 !navigation_observer_manager_) { |
| 1803 return; |
| 1804 } |
| 1805 |
| 1806 int download_tab_id = SessionTabHelper::IdForTab(web_contents); |
| 1807 UMA_HISTOGRAM_BOOLEAN( |
| 1808 "SafeBrowsing.ReferrerHasInvalidTabID.DownloadAttribution", |
| 1809 download_tab_id == -1); |
| 1810 std::vector<ReferrerChainEntry> attribution_chain; |
| 1811 SafeBrowsingNavigationObserverManager::AttributionResult result = |
| 1812 navigation_observer_manager_->IdentifyReferrerChain( |
| 1813 download_url, |
| 1814 download_tab_id, |
| 1815 kDownloadAttributionUserGestureLimit, |
| 1816 &attribution_chain); |
| 1817 UMA_HISTOGRAM_COUNTS_100( |
| 1818 "SafeBrowsing.ReferrerURLChainSize.DownloadAttribution", |
| 1819 attribution_chain.size()); |
| 1820 UMA_HISTOGRAM_ENUMERATION( |
| 1821 "SafeBrowsing.ReferrerAttributionResult.DownloadAttribution", result, |
| 1822 SafeBrowsingNavigationObserverManager::ATTRIBUTION_FAILURE_TYPE_MAX); |
| 1823 for (auto entry : attribution_chain) |
| 1824 *out_request->add_referrer_chain() = std::move(entry); |
| 1825 } |
| 1826 |
1782 } // namespace safe_browsing | 1827 } // namespace safe_browsing |
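Review bot: AddReferrerChainToClientDownloadRequest (new lines 1796-1825) hands `web_contents` to `SessionTabHelper::IdForTab()` with no stated null contract, although the PPAPI call site at new line 1363 always passes `nullptr` and `item_->GetWebContents()` at new line 1011 can presumably be null as well. Assuming IdForTab returns -1 for a null tab, every PPAPI request is recorded as an invalid tab id in `SafeBrowsing.ReferrerHasInvalidTabID.DownloadAttribution`, and the lookup runs without a tab to scope it. I would document that above the definition, e.g. `// |web_contents| may be null (PPAPI requests); the tab id is then -1.`, and confirm how IdentifyReferrerChain treats -1. The chain also puts navigation URLs into a ping sent to the Safe Browsing endpoint, and the only gates visible here are the feature flag and a non-null manager, so if profile or consent checks live elsewhere, a one-line comment naming where would help. In the final loop, `for (auto entry : attribution_chain)` copies each element before the `std::move`; `for (auto& entry : attribution_chain)` moves the vector's own element.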