Wireup SafeBrowsingNavigationObserverManager to help PPAPI download attribution

chrome/browser/safe_browsing/download_protection_service.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include <stddef.h>
 
 #include <memory>
 
@@ skipping 1212 matching lines @@
     TIMEDOUT,
     WHITELIST_HIT,
     REQUEST_MALFORMED,
     FETCH_FAILED,
     RESPONSE_MALFORMED,
     SUCCEEDED
   };
 
   PPAPIDownloadRequest(
       const GURL& requestor_url,
+      const GURL& initiating_frame_url,
+      content::WebContents* web_contents,
       const base::FilePath& default_file_path,
       const std::vector<base::FilePath::StringType>& alternate_extensions,
       Profile* profile,
       const CheckDownloadCallback& callback,
       DownloadProtectionService* service,
       scoped_refptr<SafeBrowsingDatabaseManager> database_manager)
       : requestor_url_(requestor_url),
+        initiating_frame_url_(initiating_frame_url),
+        web_contents_(web_contents),

[asanka, 2017/01/05 18:00:44]

not safe to store web_contents without observing it. It might get destroyed
while PPAPIDownloadRequest is thread-hopping.

If possible, considering capturing the attribution chain here instead of waiting
until later.

[Jialiu Lin, 2017/01/05 20:12:21]

Though my current code can work with null web_contents_, your suggestion is
definitely much better. In my attribution code, web_contents_ is used to
determine two things: (1) tab_id (default -1, if web_contents is not available,
then attribution will be based only on url), (2) whether this web_content_ has
any user gesture (default false).  So I'll compute these two things here instead
of later. Thanks!

[asanka, 2017/01/05 20:35:31]

Cool. Though my worry here was that web_contents_ would point to invalid memory
rather than be nullptr by the time the original code got around to using it. The
lifetime of these objects are quite finicky :-)

[Jialiu Lin, 2017/01/05 22:10:12]

We can probably trust WebContents::FromRenderFrameHost(rfh) (called in
FileSelectHelper::CheckDownloadRequestWithSafeBrowsing) to return the valid
web_contents or nullptr in case rfh is not avaialble. 
And there is no thread-hopping or delay between
CheckDownloadRequestWithSafeBrowsing() and this constructor here.
And now all the uses of web_contents are moved to this constructor. I think
we're quite safe here. 

         default_file_path_(default_file_path),
         alternate_extensions_(alternate_extensions),
         callback_(callback),
         service_(service),
         database_manager_(database_manager),
         start_time_(base::TimeTicks::Now()),
         supported_path_(
             GetSupportedFilePath(default_file_path, alternate_extensions)),
         weakptr_factory_(this) {
     DCHECK(profile);
@@ skipping 102 matching lines @@
         continue;
       DCHECK_EQ(base::FilePath::kExtensionSeparator, alternate_extension[0]);
       *(request.add_alternate_extensions()) =
           base::FilePath(alternate_extension).AsUTF8Unsafe();
     }
     if (supported_path_ != default_file_path_) {
       *(request.add_alternate_extensions()) =
           base::FilePath(default_file_path_.FinalExtension()).AsUTF8Unsafe();
     }
 
-    // TODO(676691): We should add reliable download referrer chain for PPAPI
-    // downloads too.
+    service_->AddReferrerChainToPPAPIClientDownloadRequest(
+        initiating_frame_url_,
+        web_contents_,
+        &request);
 
     if (!request.SerializeToString(&client_download_request_data_)) {
       // More of an internal error than anything else. Note that the UNKNOWN
       // verdict gets interpreted as "allowed".
       Finish(RequestOutcome::REQUEST_MALFORMED, UNKNOWN);
       return;
     }
 
     service_->ppapi_download_request_callbacks_.Notify(&request);
     DVLOG(2) << "Sending a PPAPI download request for URL: " << request.url();
@@ skipping 103 matching lines @@
 
     return base::FilePath();
   }
 
   std::unique_ptr<net::URLFetcher> fetcher_;
   std::string client_download_request_data_;
 
   // URL of document that requested the PPAPI download.
   const GURL requestor_url_;
 
+  // URL of the frame that hosted the PPAPI plugin.
+  const GURL initiating_frame_url_;
+
+  // WebContents that is associated with this PPAPI download.
+  content::WebContents* web_contents_;
+
   // Default download path requested by the PPAPI plugin.
   const base::FilePath default_file_path_;
 
   // List of alternate extensions provided by the PPAPI plugin. Each extension
   // must begin with a leading extension separator.
   const std::vector<base::FilePath::StringType> alternate_extensions_;
 
   // Callback to invoke with the result of the PPAPI download request check.
   CheckDownloadCallback callback_;
 
@@ skipping 110 matching lines @@
       ClientDownloadRequest::WIN_EXECUTABLE;
   // TODO(nparker): Remove the CRX check here once can support
   // UNKNOWN types properly.  http://crbug.com/581044
   return (CheckClientDownloadRequest::IsSupportedDownload(
               item, target_path, &reason, &type) &&
           (ClientDownloadRequest::CHROME_EXTENSION != type));
 }
 
 void DownloadProtectionService::CheckPPAPIDownloadRequest(
     const GURL& requestor_url,
+    const GURL& initiating_frame_url,
+    content::WebContents* web_contents,
     const base::FilePath& default_file_path,
     const std::vector<base::FilePath::StringType>& alternate_extensions,
     Profile* profile,
     const CheckDownloadCallback& callback) {
   DVLOG(1) << __func__ << " url:" << requestor_url
            << " default_file_path:" << default_file_path.value();
   std::unique_ptr<PPAPIDownloadRequest> request(new PPAPIDownloadRequest(
-      requestor_url, default_file_path, alternate_extensions, profile, callback,
-      this, database_manager_));
+      requestor_url, initiating_frame_url, web_contents, default_file_path,
+      alternate_extensions, profile, callback, this, database_manager_));
   PPAPIDownloadRequest* request_copy = request.get();
   auto insertion_result = ppapi_download_requests_.insert(
       std::make_pair(request_copy, std::move(request)));
   DCHECK(insertion_result.second);
   insertion_result.first->second->Start();
 }
 
 DownloadProtectionService::ClientDownloadRequestSubscription
 DownloadProtectionService::RegisterClientDownloadRequestCallback(
     const ClientDownloadRequestCallback& callback) {
@@ skipping 165 matching lines @@
       !navigation_observer_manager_) {
     return;
   }
 
   int download_tab_id = SessionTabHelper::IdForTab(web_contents);
   UMA_HISTOGRAM_BOOLEAN(
       "SafeBrowsing.ReferrerHasInvalidTabID.DownloadAttribution",
       download_tab_id == -1);
   std::vector<ReferrerChainEntry> attribution_chain;
   SafeBrowsingNavigationObserverManager::AttributionResult result =
-      navigation_observer_manager_->IdentifyReferrerChain(
+      navigation_observer_manager_->IdentifyReferrerChainForDownload(
           download_url,
           download_tab_id,
           kDownloadAttributionUserGestureLimit,
           &attribution_chain);
   UMA_HISTOGRAM_COUNTS_100(
       "SafeBrowsing.ReferrerURLChainSize.DownloadAttribution",
       attribution_chain.size());
   UMA_HISTOGRAM_ENUMERATION(
       "SafeBrowsing.ReferrerAttributionResult.DownloadAttribution", result,
       SafeBrowsingNavigationObserverManager::ATTRIBUTION_FAILURE_TYPE_MAX);
   for (auto entry : attribution_chain)
     out_request->add_referrer_chain()->Swap(&entry);
 }
 
+void DownloadProtectionService::AddReferrerChainToPPAPIClientDownloadRequest(
+  const GURL& initiating_frame_url,
+  content::WebContents* web_contents,
+  ClientDownloadRequest* out_request) {
+  if (!base::FeatureList::IsEnabled(
+      SafeBrowsingNavigationObserverManager::kDownloadAttribution) ||
+      !navigation_observer_manager_) {
+    return;
+  }
+
+  std::vector<ReferrerChainEntry> attribution_chain;
+  SafeBrowsingNavigationObserverManager::AttributionResult result =
+      navigation_observer_manager_->IdentifyReferrerChainForPPAPIDownload(
+          initiating_frame_url,
+          web_contents,
+          kDownloadAttributionUserGestureLimit,
+          &attribution_chain);
+  UMA_HISTOGRAM_COUNTS_100(
+      "SafeBrowsing.ReferrerURLChainSize.PPAPIDownloadAttribution",
+      attribution_chain.size());
+  UMA_HISTOGRAM_ENUMERATION(
+      "SafeBrowsing.ReferrerAttributionResult.PPAPIDownloadAttribution", result,
+      SafeBrowsingNavigationObserverManager::ATTRIBUTION_FAILURE_TYPE_MAX);
+  for (auto entry : attribution_chain)
+    out_request->add_referrer_chain()->Swap(&entry);
+}
+
 }  // namespace safe_browsing