Chromium Code Reviews Chromium Code Reviews
Issue 2773483003:
Create PasswordProtectionRequest to handle password pings (Closed)
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 #include "components/safe_browsing/password_protection/password_protection_reque st.h" | |
| 5 | |
| 6 #include "base/memory/ptr_util.h" | |
| 7 #include "base/memory/weak_ptr.h" | |
| 8 #include "base/metrics/histogram_macros.h" | |
| 9 #include "components/data_use_measurement/core/data_use_user_data.h" | |
| 10 #include "content/public/browser/browser_thread.h" | |
| 11 #include "net/base/escape.h" | |
| 12 #include "net/base/load_flags.h" | |
| 13 #include "net/base/url_util.h" | |
| 14 #include "net/http/http_status_code.h" | |
| 15 | |
| 16 using content::BrowserThread; | |
| 17 | |
| 18 namespace safe_browsing { | |
| 19 | |
| 20 PasswordProtectionRequest::PasswordProtectionRequest( | |
| 21 const GURL& main_frame_url, | |
| 22 LoginReputationClientRequest::TriggerType type, | |
| 23 bool is_extended_reporting, | |
| 24 bool is_incognito, | |
| 25 base::WeakPtr<PasswordProtectionService> pps, | |
| 26 int request_timeout_in_ms) | |
| 27 : main_frame_url_(main_frame_url), | |
| 28 request_type_(type), | |
| 29 is_extended_reporting_(is_extended_reporting), | |
| 30 is_incognito_(is_incognito), | |
| 31 password_protection_service_(pps), | |
| 32 request_timeout_in_ms_(request_timeout_in_ms), | |
| 33 weakptr_factory_(this) { | |
| 34 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 35 } | |
| 36 | |
| 37 PasswordProtectionRequest::~PasswordProtectionRequest() { | |
| 38 weakptr_factory_.InvalidateWeakPtrs(); | |
| 39 } | |
| 40 | |
| 41 void PasswordProtectionRequest::Start() { | |
| 42 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 43 // Initially we only send ping for Safe Browsing Extended Reporting users when | |
| 44 // they are not in incognito mode. We may loose these conditions later. | |
| 45 if (is_incognito_) { | |
| 46 Finish(RequestOutcome::INCOGNITO, nullptr); | |
| 47 return; | |
| 48 } | |
| 49 if (!is_extended_reporting_) { | |
| 50 Finish(RequestOutcome::NO_EXTENDED_REPORTING, nullptr); | |
| 51 return; | |
| 52 } | |
| 53 | |
| 54 // In case the request take too long, we set a timer to cancel this request. | |
| 55 StartTimeout(); | |
| 56 | |
| 57 CheckWhitelistsOnUIThread(); | |
| 58 } | |
| 59 | |
| 60 void PasswordProtectionRequest::Cancel(bool timed_out) { | |
| 61 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 62 fetcher_.reset(); | |
| 63 | |
| 64 Finish(timed_out ? TIMEDOUT : CANCELED, nullptr); | |
| 65 } | |
| 66 | |
| 67 void PasswordProtectionRequest::StartTimeout() { | |
| 68 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 69 timeout_start_time_ = base::TimeTicks::Now(); | |
| 70 | |
| 71 // If request is not done withing 10 seconds, we cancel this request. | |
| 72 // The weak pointer used for the timeout will be invalidated (and | |
| 73 // hence would prevent the timeout) if the check completes on time and | |
| 74 // execution reaches Finish(). | |
| 75 BrowserThread::PostDelayedTask( | |
| 76 BrowserThread::UI, FROM_HERE, | |
| 77 base::Bind(&PasswordProtectionRequest::Cancel, GetWeakPtr(), true), | |
| 78 base::TimeDelta::FromMilliseconds(request_timeout_in_ms_)); | |
| 79 } | |
| 80 | |
| 81 void PasswordProtectionRequest::Finish( | |
| 82 RequestOutcome outcome, | |
| 83 std::unique_ptr<LoginReputationClientResponse> response) { | |
| 84 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 85 | |
| 86 UMA_HISTOGRAM_ENUMERATION("PasswordProtection.RequestOutcome", outcome, | |
| 87 RequestOutcome::MAX_OUTCOME); | |
| 88 if (!timeout_start_time_.is_null()) { | |
| 89 UMA_HISTOGRAM_TIMES("PasswordProtection.RequestDuration", | |
| 90 base::TimeTicks::Now() - timeout_start_time_); | |
| 91 } | |
| 92 | |
| 93 if (response) { | |
| 94 switch (request_type_) { | |
| 95 case LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE: | |
| 96 UMA_HISTOGRAM_ENUMERATION( | |
| 97 "PasswordProtection.UnfamiliarLoginPageVerdict", | |
| 98 response->verdict_type(), | |
| 99 LoginReputationClientResponse_VerdictType_VerdictType_MAX + 1); | |
| 100 break; | |
| 101 case LoginReputationClientRequest::PASSWORD_REUSE_EVENT: | |
| 102 UMA_HISTOGRAM_ENUMERATION( | |
| 103 "PasswordProtection.PasswordReuseEventVerdict", | |
| 104 response->verdict_type(), | |
| 105 LoginReputationClientResponse_VerdictType_VerdictType_MAX + 1); | |
| 106 break; | |
| 107 default: | |
| 108 NOTREACHED(); | |
| 109 } | |
| 110 } | |
| 111 | |
| 112 DCHECK(password_protection_service_); | |
| 113 password_protection_service_->RequestFinished(this, std::move(response)); | |
| 114 } | |
| 115 | |
| 116 // TODO(jialiul): there are some duplicated code | |
| 117 void PasswordProtectionRequest::CheckWhitelistsOnUIThread() { | |
| 118 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 119 DCHECK(password_protection_service_); | |
| 120 | |
| 121 BrowserThread::PostTask( | |
| 122 BrowserThread::IO, FROM_HERE, | |
| 123 base::Bind(&PasswordProtectionService::CheckCsdWhitelistOnIOThread, | |
| 124 password_protection_service_, main_frame_url_, | |
| 125 base::Bind(&PasswordProtectionRequest::OnWhitelistCheckDone, | |
| 126 GetWeakPtr()))); | |
| 127 } | |
| 128 | |
| 129 void PasswordProtectionRequest::OnWhitelistCheckDone(bool match_whitelist) { | |
| 130 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 131 if (match_whitelist) | |
| 132 Finish(RequestOutcome::MATCHED_WHITELIST, nullptr); | |
| 133 else | |
| 134 CheckCachedVerdicts(); | |
| 135 } | |
| 136 | |
| 137 void PasswordProtectionRequest::CheckCachedVerdicts() { | |
| 138 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 139 if (!password_protection_service_) { | |
| 140 Finish(RequestOutcome::SERVICE_DESTROYED, nullptr); | |
| 141 return; | |
| 142 } | |
| 143 | |
| 144 std::unique_ptr<LoginReputationClientResponse> cached_response = | |
| 145 base::MakeUnique<LoginReputationClientResponse>(); | |
| 146 auto verdict = password_protection_service_->GetCachedVerdict( | |
| 147 password_protection_service_->GetSettingMapForActiveProfile(), | |
| 148 main_frame_url_, cached_response.get()); | |
| 149 if (verdict != LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED) | |
| 150 Finish(RequestOutcome::RESPONSE_ALREADY_CACHED, std::move(cached_response)); | |
| 151 else | |
| 152 SendRequest(); | |
| 153 } | |
| 154 | |
| 155 void PasswordProtectionRequest::OnURLFetchComplete( | |
| 156 const net::URLFetcher* source) { | |
| 157 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 158 if (source->GetStatus().is_success()) { | |
|
Nathan Parker
2017/03/24 00:41:50
Can put both error code and http status in the sam
Jialiu Lin
2017/03/24 01:42:43
Done.
| |
| 159 UMA_HISTOGRAM_SPARSE_SLOWLY( | |
| 160 "PasswordProtection.PasswordProtectionRequestResponseCode", | |
| 161 source->GetResponseCode()); | |
| 162 } | |
| 163 | |
| 164 UMA_HISTOGRAM_SPARSE_SLOWLY( | |
| 165 "PasswordProtection.PasswordProtectionRequestNetError", | |
| 166 -source->GetStatus().error()); | |
| 167 | |
| 168 if (!source->GetStatus().is_success() || | |
| 169 net::HTTP_OK != source->GetResponseCode()) { | |
| 170 Finish(RequestOutcome::FETCH_FAILED, nullptr); | |
| 171 return; | |
| 172 } | |
| 173 | |
| 174 std::unique_ptr<LoginReputationClientResponse> response = | |
| 175 base::MakeUnique<LoginReputationClientResponse>(); | |
| 176 std::string response_body; | |
| 177 bool received_data = source->GetResponseAsString(&response_body); | |
| 178 DCHECK(received_data); | |
| 179 fetcher_.reset(); // We don't need it anymore. | |
| 180 UMA_HISTOGRAM_TIMES("PasswordProtection.RequestNetworkDuration", | |
| 181 base::TimeTicks::Now() - request_start_time_); | |
| 182 if (response->ParseFromString(response_body)) { | |
| 183 Finish(RequestOutcome::SUCCEEDED, std::move(response)); | |
| 184 } else { | |
| 185 Finish(RequestOutcome::RESPONSE_MALFORMED, nullptr); | |
| 186 } | |
| 187 } | |
| 188 | |
| 189 void PasswordProtectionRequest::SendRequest() { | |
| 190 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 191 | |
| 192 LoginReputationClientRequest request; | |
| 193 request.set_page_url(main_frame_url_.spec()); | |
| 194 request.set_trigger_type(request_type_); | |
| 195 request.set_stored_verdict_cnt( | |
| 196 password_protection_service_->GetStoredVerdictCount()); | |
| 197 | |
| 198 std::string serialized_request; | |
| 199 if (!request.SerializeToString(&serialized_request)) { | |
| 200 Finish(RequestOutcome::REQUEST_MALFORMED, nullptr); | |
| 201 return; | |
| 202 } | |
| 203 | |
| 204 fetcher_ = net::URLFetcher::Create( | |
| 205 0, PasswordProtectionService::GetPasswordProtectionRequestUrl(), | |
| 206 net::URLFetcher::POST, this); | |
| 207 data_use_measurement::DataUseUserData::AttachToFetcher( | |
| 208 fetcher_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING); | |
| 209 fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE); | |
| 210 fetcher_->SetAutomaticallyRetryOn5xx(false); | |
| 211 fetcher_->SetRequestContext( | |
| 212 password_protection_service_->request_context_getter().get()); | |
| 213 fetcher_->SetUploadData("application/octet-stream", serialized_request); | |
| 214 request_start_time_ = base::TimeTicks::Now(); | |
| 215 fetcher_->Start(); | |
| 216 } | |
| 217 | |
| 218 } // namespace safe_browsing | |
| OLD | NEW |
