Chromium Code Reviews Chromium Code Reviews
Issue 2623733002:
Componentize SafeBrowsingBlockingPage for WebView use (Closed)
| Index: components/safe_browsing/base_ui_manager.cc |
| diff --git a/components/safe_browsing/base_ui_manager.cc b/components/safe_browsing/base_ui_manager.cc |
| index 3bdd8db4fe145e87347c3aab63f6697b97c9e27d..754c94476e3e84db06b69b6e1cbd5f005b665339 100644 |
| --- a/components/safe_browsing/base_ui_manager.cc |
| +++ b/components/safe_browsing/base_ui_manager.cc |
| @@ -6,7 +6,11 @@ |
| #include "base/bind.h" |
| #include "base/callback.h" |
| -#include "base/macros.h" |
| +#include "base/i18n/rtl.h" |
| +#include "base/metrics/histogram_macros.h" |
| +#include "base/supports_user_data.h" |
| +#include "components/safe_browsing/base_safe_browsing_blocking_page.h" |
| +#include "components/safe_browsing_db/metadata.pb.h" |
| #include "content/public/browser/browser_thread.h" |
| #include "content/public/browser/navigation_entry.h" |
| #include "content/public/browser/web_contents.h" |
| @@ -95,6 +99,7 @@ namespace safe_browsing { |
| BaseSafeBrowsingUIManager::BaseSafeBrowsingUIManager() {} |
| void BaseSafeBrowsingUIManager::StopOnIOThread(bool shutdown) { |
| + LOG(ERROR) << "This should not be called"; |
|
meacer
2017/01/10 21:18:21
Forgot to remove? :)
Jialiu Lin
2017/01/11 00:50:06
ye..s....I forgot...
|
| DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| // TODO(ntfschr): implement this once SafeBrowsingService is componentized |
| return; |
| @@ -171,9 +176,56 @@ void BaseSafeBrowsingUIManager::OnBlockingPageDone( |
| void BaseSafeBrowsingUIManager::DisplayBlockingPage( |
| const UnsafeResource& resource) { |
| DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| - // TODO(ntfschr): implement this once SafeBrowsingBlockingPage is |
| - // componentized |
| - return; |
| + if (resource.is_subresource && !resource.is_subframe) { |
| + // Sites tagged as serving Unwanted Software should only show a warning for |
| + // main-frame or sub-frame resource. Similar warning restrictions should be |
| + // applied to malware sites tagged as "landing sites" (see "Types of |
| + // Malware sites" under |
| + // https://developers.google.com/safe-browsing/developers_guide_v3#UserWarnings). |
| + MalwarePatternType proto; |
|
meacer
2017/01/10 21:18:21
This doesn't seem to be used, remove?
Jialiu Lin
2017/01/11 00:50:06
Hmm.. I wonder what's the story of this line. I co
|
| + if (resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED || |
| + (resource.threat_type == SB_THREAT_TYPE_URL_MALWARE && |
| + resource.threat_metadata.threat_pattern_type == |
| + ThreatPatternType::MALWARE_LANDING)) { |
| + if (!resource.callback.is_null()) { |
| + DCHECK(resource.callback_thread); |
| + resource.callback_thread->PostTask(FROM_HERE, |
| + base::Bind(resource.callback, true)); |
| + } |
| + |
| + return; |
| + } |
| + } |
| + |
| + // The tab might have been closed. If it was closed, just act as if "Don't |
| + // Proceed" had been chosen. |
| + WebContents* web_contents = resource.web_contents_getter.Run(); |
| + if (!web_contents) { |
| + std::vector<UnsafeResource> resources; |
|
meacer
2017/01/10 21:18:21
nit: Maybe inline this?
OnBlockingPageDone(std::v
Jialiu Lin
2017/01/11 00:50:06
Done.
|
| + resources.push_back(resource); |
| + OnBlockingPageDone(resources, false, web_contents, |
| + GetMainFrameWhitelistUrlForResource(resource)); |
| + return; |
| + } |
| + |
| + // Check if the user has already ignored a SB warning for the same WebContents |
| + // and top-level domain. |
| + if (IsWhitelisted(resource)) { |
| + if (!resource.callback.is_null()) { |
| + DCHECK(resource.callback_thread); |
| + resource.callback_thread->PostTask(FROM_HERE, |
| + base::Bind(resource.callback, true)); |
| + } |
| + return; |
| + } |
| + |
| + // TODO(jialiul): BaseUIManager currently don't send HitReport. |
|
meacer
2017/01/10 21:18:21
nit: The todo seemed a bit abstract, perhaps file
Jialiu Lin
2017/01/11 00:50:06
I probably should make it a comment instead of TOD
|
| + |
| + AddToWhitelistUrlSet(GetMainFrameWhitelistUrlForResource(resource), |
| + resource.web_contents_getter.Run(), |
| + true /* A decision is now pending */, |
| + resource.threat_type); |
| + BaseSafeBrowsingBlockingPage::ShowBlockingPage(this, resource); |
| } |
| void BaseSafeBrowsingUIManager::EnsureWhitelistCreated( |
| @@ -182,6 +234,7 @@ void BaseSafeBrowsingUIManager::EnsureWhitelistCreated( |
| } |
| void BaseSafeBrowsingUIManager::LogPauseDelay(base::TimeDelta time) { |
| + UMA_HISTOGRAM_LONG_TIMES("SB2.Delay", time); |
| return; |
| } |
| @@ -190,6 +243,8 @@ void BaseSafeBrowsingUIManager::LogPauseDelay(base::TimeDelta time) { |
| // UMA || extended_reporting users. |
| void BaseSafeBrowsingUIManager::MaybeReportSafeBrowsingHit( |
| const HitReport& hit_report) { |
| + LOG(ERROR) << "This should not be called: " |
| + "BaseSafeBrowsingUIManager::MaybeReportSafeBrowsingHit"; |
|
meacer
2017/01/10 21:18:21
nit: Remove?
Jialiu Lin
2017/01/11 00:50:06
Done.
|
| DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| // TODO(ntfschr): implement this once we support reporting in WebView |
| return; |
| @@ -239,14 +294,18 @@ void BaseSafeBrowsingUIManager::AddToWhitelistUrlSet(const GURL& whitelist_url, |
| web_contents->DidChangeVisibleSecurityState(); |
| } |
| -void BaseSafeBrowsingUIManager::AddObserver(Observer* observer) { |
| - DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| - observer_list_.AddObserver(observer); |
| +const std::string BaseSafeBrowsingUIManager::app_locale() { |
| + return base::i18n::GetConfiguredLocale(); |
| } |
| -void BaseSafeBrowsingUIManager::RemoveObserver(Observer* observer) { |
| - DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| - observer_list_.RemoveObserver(observer); |
| +history::HistoryService* BaseSafeBrowsingUIManager::history_service( |
| + content::WebContents* web_contents) { |
| + // TODO(jialiul): figure out how to get HistoryService from webview. |
| + return nullptr; |
| +} |
| + |
| +const GURL BaseSafeBrowsingUIManager::default_safe_page() { |
| + return GURL(url::kAboutBlankURL); |
| } |
| void BaseSafeBrowsingUIManager::RemoveFromPendingWhitelistUrlSet( |
| @@ -286,4 +345,16 @@ void BaseSafeBrowsingUIManager::RemoveFromPendingWhitelistUrlSet( |
| web_contents->DidChangeVisibleSecurityState(); |
| } |
| +// static |
| +GURL BaseSafeBrowsingUIManager::GetMainFrameWhitelistUrlForResource( |
| + const security_interstitials::UnsafeResource& resource) { |
| + if (resource.is_subresource) { |
| + NavigationEntry* entry = resource.GetNavigationEntryForResource(); |
| + if (!entry) |
| + return GURL(); |
| + return entry->GetURL().GetWithEmptyPath(); |
| + } |
| + return resource.url.GetWithEmptyPath(); |
| +} |
| + |
| } // namespace safe_browsing |
