OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ | 5 #ifndef CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ |
6 #define CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ | 6 #define CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ |
7 | 7 |
8 #include "base/callback.h" | 8 #include "base/callback.h" |
9 #include "base/macros.h" | 9 #include "base/macros.h" |
10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/singleton.h" |
| 12 #include "base/time/default_clock.h" |
| 13 #include "components/keyed_service/content/browser_context_keyed_service_factory
.h" |
| 14 #include "components/keyed_service/core/keyed_service.h" |
11 #include "content/public/browser/permission_type.h" | 15 #include "content/public/browser/permission_type.h" |
12 #include "url/gurl.h" | 16 #include "url/gurl.h" |
13 | 17 |
14 class GURL; | 18 class GURL; |
15 class Profile; | 19 class Profile; |
16 | 20 |
17 namespace content { | 21 namespace content { |
18 class WebContents; | 22 class WebContents; |
19 } | 23 } |
20 | 24 |
21 namespace safe_browsing { | 25 namespace safe_browsing { |
22 class SafeBrowsingDatabaseManager; | 26 class SafeBrowsingDatabaseManager; |
23 } | 27 } |
24 | 28 |
25 namespace base { | |
26 class Time; | |
27 } | |
28 | |
29 class HostContentSettingsMap; | |
30 | |
31 // The PermissionDecisionAutoBlocker decides whether or not a given origin | 29 // The PermissionDecisionAutoBlocker decides whether or not a given origin |
32 // should be automatically blocked from requesting a permission. When an origin | 30 // should be automatically blocked from requesting a permission. When an origin |
33 // is blocked, it is placed under an "embargo". Until the embargo expires, any | 31 // is blocked, it is placed under an "embargo". Until the embargo expires, any |
34 // requests made by the origin are automatically blocked. Once the embargo is | 32 // requests made by the origin are automatically blocked. Once the embargo is |
35 // lifted, the origin will be permitted to request a permission again, which may | 33 // lifted, the origin will be permitted to request a permission again, which may |
36 // result in it being placed under embargo again. Currently, an origin can be | 34 // result in it being placed under embargo again. Currently, an origin can be |
37 // placed under embargo if it appears on Safe Browsing's API blacklist, or if it | 35 // placed under embargo if it appears on Safe Browsing's API blacklist, or if it |
38 // has a number of prior dismissals greater than a threshold. | 36 // has a number of prior dismissals greater than a threshold. |
39 class PermissionDecisionAutoBlocker { | 37 class PermissionDecisionAutoBlocker : public KeyedService { |
40 public: | 38 public: |
41 // Removes any recorded counts for urls which match |filter| under |profile|. | 39 class Factory : public BrowserContextKeyedServiceFactory { |
42 static void RemoveCountsByUrl(Profile* profile, | 40 public: |
43 base::Callback<bool(const GURL& url)> filter); | 41 static PermissionDecisionAutoBlocker* GetForProfile(Profile* profile); |
| 42 static PermissionDecisionAutoBlocker::Factory* GetInstance(); |
| 43 |
| 44 private: |
| 45 friend struct base::DefaultSingletonTraits<Factory>; |
| 46 |
| 47 Factory(); |
| 48 ~Factory() override; |
| 49 |
| 50 // BrowserContextKeyedServiceFactory |
| 51 KeyedService* BuildServiceInstanceFor( |
| 52 content::BrowserContext* context) const override; |
| 53 |
| 54 content::BrowserContext* GetBrowserContextToUse( |
| 55 content::BrowserContext* context) const override; |
| 56 }; |
| 57 |
| 58 static PermissionDecisionAutoBlocker* GetForProfile(Profile* profile); |
| 59 |
| 60 // Removes any recorded counts for urls which match |filter|. |
| 61 void RemoveCountsByUrl(base::Callback<bool(const GURL& url)> filter); |
44 | 62 |
45 // Returns the current number of dismisses recorded for |permission| type at | 63 // Returns the current number of dismisses recorded for |permission| type at |
46 // |url|. | 64 // |url|. |
47 static int GetDismissCount(const GURL& url, | 65 int GetDismissCount(const GURL& url, content::PermissionType permission); |
48 content::PermissionType permission, | |
49 Profile* profile); | |
50 | 66 |
51 // Returns the current number of ignores recorded for |permission| | 67 // Returns the current number of ignores recorded for |permission| |
52 // type at |url|. | 68 // type at |url|. |
53 static int GetIgnoreCount(const GURL& url, | 69 int GetIgnoreCount(const GURL& url, content::PermissionType permission); |
54 content::PermissionType permission, | |
55 Profile* profile); | |
56 | 70 |
57 // Records that a dismissal of a prompt for |permission| was made. If the | 71 // Records that a dismissal of a prompt for |permission| was made. If the |
58 // total number of dismissals exceeds a threshhold and | 72 // total number of dismissals exceeds a threshhold and |
59 // features::kBlockPromptsIfDismissedOften is enabled it will place |url| | 73 // features::kBlockPromptsIfDismissedOften is enabled it will place |url| |
60 // under embargo for |permission|. | 74 // under embargo for |permission|. |
61 static bool RecordDismissAndEmbargo(const GURL& url, | 75 bool RecordDismissAndEmbargo(const GURL& url, |
62 content::PermissionType permission, | 76 content::PermissionType permission); |
63 Profile* profile, | |
64 base::Time current_time); | |
65 | 77 |
66 // Records that an ignore of a prompt for |permission| was made. | 78 // Records that an ignore of a prompt for |permission| was made. |
67 static int RecordIgnore(const GURL& url, | 79 int RecordIgnore(const GURL& url, content::PermissionType permission); |
68 content::PermissionType permission, | |
69 Profile* profile); | |
70 | |
71 // Records that a dismissal of a prompt for |permission| was made, and returns | |
72 // true if this dismissal should be considered a block. False otherwise. | |
73 // TODO(meredithl): Remove in favour of embargoing on repeated dismissals. | |
74 static bool ShouldChangeDismissalToBlock(const GURL& url, | |
75 content::PermissionType permission, | |
76 Profile* profile); | |
77 | 80 |
78 // Updates the threshold to start blocking prompts from the field trial. | 81 // Updates the threshold to start blocking prompts from the field trial. |
79 static void UpdateFromVariations(); | 82 static void UpdateFromVariations(); |
80 | 83 |
81 // Checks if |request_origin| is under embargo for |permission|. Internally, | 84 // Checks if |request_origin| is under embargo for |permission|. Internally, |
82 // this will make a call to IsUnderEmbargo to check the content setting first, | 85 // this will make a call to IsUnderEmbargo to check the content setting first, |
83 // but may also make a call to Safe Browsing to check if |request_origin| is | 86 // but may also make a call to Safe Browsing to check the API blacklist, which |
84 // blacklisted for |permission|, which is performed asynchronously. | 87 // is performed asynchronously. |
85 static void UpdateEmbargoedStatus( | 88 void UpdateEmbargoedStatus(content::PermissionType permission, |
86 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, | 89 const GURL& request_origin, |
87 content::PermissionType permission, | 90 content::WebContents* web_contents, |
88 const GURL& request_origin, | 91 base::Callback<void(bool)> callback); |
89 content::WebContents* web_contents, | |
90 int timeout, | |
91 Profile* profile, | |
92 base::Time current_time, | |
93 base::Callback<void(bool)> callback); | |
94 | 92 |
95 // Checks the status of the content setting to determine if |request_origin| | 93 // Checks the status of the content setting to determine if |request_origin| |
96 // is under embargo for |permission|. This checks both embargo for Permissions | 94 // is under embargo for |permission|. This checks both embargo for Permissions |
97 // Blacklisting and repeated dismissals. | 95 // Blacklisting and repeated dismissals. |
98 static bool IsUnderEmbargo(content::PermissionType permission, | 96 bool IsUnderEmbargo(content::PermissionType permission, |
99 Profile* profile, | 97 const GURL& request_origin); |
100 const GURL& request_origin, | |
101 base::Time current_time); | |
102 | 98 |
103 private: | 99 private: |
104 friend class PermissionContextBaseTests; | 100 friend class PermissionContextBaseTests; |
105 friend class PermissionDecisionAutoBlockerUnitTest; | 101 friend class PermissionDecisionAutoBlockerUnitTest; |
106 | 102 |
107 static void CheckSafeBrowsingResult(content::PermissionType permission, | 103 explicit PermissionDecisionAutoBlocker(Profile* profile); |
108 Profile* profile, | 104 ~PermissionDecisionAutoBlocker() override; |
109 const GURL& request_origin, | |
110 base::Time current_time, | |
111 base::Callback<void(bool)> callback, | |
112 bool should_be_embargoed); | |
113 | 105 |
114 static void PlaceUnderEmbargo(content::PermissionType permission, | 106 // Get the result of the Safe Browsing check, if |should_be_embargoed| is true |
115 const GURL& request_origin, | 107 // then |request_origin| will be placed under embargo for that |permission|. |
116 HostContentSettingsMap* map, | 108 void CheckSafeBrowsingResult(content::PermissionType permission, |
117 base::Time current_time, | 109 const GURL& request_origin, |
118 const char* key); | 110 base::Callback<void(bool)> callback, |
| 111 bool should_be_embargoed); |
| 112 |
| 113 void PlaceUnderEmbargo(content::PermissionType permission, |
| 114 const GURL& request_origin, |
| 115 const char* key); |
| 116 |
| 117 void SetSafeBrowsingDatabaseManagerAndTimeoutForTesting( |
| 118 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, |
| 119 int timeout); |
| 120 |
| 121 void SetClockForTesting(std::unique_ptr<base::Clock> clock); |
119 | 122 |
120 // Keys used for storing count data in a website setting. | 123 // Keys used for storing count data in a website setting. |
121 static const char kPromptDismissCountKey[]; | 124 static const char kPromptDismissCountKey[]; |
122 static const char kPromptIgnoreCountKey[]; | 125 static const char kPromptIgnoreCountKey[]; |
123 static const char kPermissionDismissalEmbargoKey[]; | 126 static const char kPermissionDismissalEmbargoKey[]; |
124 static const char kPermissionBlacklistEmbargoKey[]; | 127 static const char kPermissionBlacklistEmbargoKey[]; |
125 | 128 |
| 129 Profile* profile_; |
| 130 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager_; |
| 131 |
| 132 // Timeout in ms. |
| 133 int safe_browsing_timeout_; |
| 134 |
| 135 std::unique_ptr<base::Clock> clock_; |
| 136 |
126 DISALLOW_IMPLICIT_CONSTRUCTORS(PermissionDecisionAutoBlocker); | 137 DISALLOW_IMPLICIT_CONSTRUCTORS(PermissionDecisionAutoBlocker); |
127 }; | 138 }; |
128 | |
129 #endif // CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ | 139 #endif // CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ |
OLD | NEW |