OLD | NEW |
---|---|
1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/safe_browsing/base_ping_manager.h" | 5 #include "components/safe_browsing/base_ping_manager.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/memory/ptr_util.h" | 11 #include "base/memory/ptr_util.h" |
12 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
13 #include "base/strings/stringprintf.h" | 13 #include "base/strings/stringprintf.h" |
14 #include "base/values.h" | 14 #include "base/values.h" |
15 #include "components/data_use_measurement/core/data_use_user_data.h" | 15 #include "components/data_use_measurement/core/data_use_user_data.h" |
16 #include "content/public/browser/browser_thread.h" | 16 #include "content/public/browser/browser_thread.h" |
17 #include "google_apis/google_api_keys.h" | 17 #include "google_apis/google_api_keys.h" |
18 #include "net/base/escape.h" | 18 #include "net/base/escape.h" |
19 #include "net/base/load_flags.h" | 19 #include "net/base/load_flags.h" |
20 #include "net/log/net_log_source_type.h" | 20 #include "net/log/net_log_source_type.h" |
21 #include "net/traffic_annotation/network_traffic_annotation.h" | |
21 #include "net/url_request/url_fetcher.h" | 22 #include "net/url_request/url_fetcher.h" |
22 #include "net/url_request/url_request_context.h" | 23 #include "net/url_request/url_request_context.h" |
23 #include "net/url_request/url_request_context_getter.h" | 24 #include "net/url_request/url_request_context_getter.h" |
24 #include "net/url_request/url_request_status.h" | 25 #include "net/url_request/url_request_status.h" |
25 #include "url/gurl.h" | 26 #include "url/gurl.h" |
26 | 27 |
27 using content::BrowserThread; | 28 using content::BrowserThread; |
28 | 29 |
29 namespace { | 30 namespace { |
30 // Returns a dictionary with "url"=|url-spec| and "data"=|payload| for | 31 // Returns a dictionary with "url"=|url-spec| and "data"=|payload| for |
(...skipping 18 matching lines...) Expand all Loading... | |
49 const net::URLRequestStatus& status, | 50 const net::URLRequestStatus& status, |
50 net::NetLogCaptureMode) { | 51 net::NetLogCaptureMode) { |
51 std::unique_ptr<base::DictionaryValue> event_params( | 52 std::unique_ptr<base::DictionaryValue> event_params( |
52 new base::DictionaryValue()); | 53 new base::DictionaryValue()); |
53 event_params->SetInteger("status", status.status()); | 54 event_params->SetInteger("status", status.status()); |
54 event_params->SetInteger("error", status.error()); | 55 event_params->SetInteger("error", status.error()); |
55 net_log.source().AddToEventParameters(event_params.get()); | 56 net_log.source().AddToEventParameters(event_params.get()); |
56 return std::move(event_params); | 57 return std::move(event_params); |
57 } | 58 } |
58 | 59 |
60 net::NetworkTrafficAnnotationTag kTrafficAnnotation = | |
61 net::DefineNetworkTrafficAnnotation("safe_browsing_extended_reporting", R"( | |
62 semantics { | |
63 sender: "Safe Browsing Extended Reporting" | |
64 description: | |
65 "When a user is opted in to automatically reporting 'possible " | |
66 "security incidents to Google,' and they reach a bad page that's " | |
67 "flagged by Safe Browsing, Chrome will send a report to Google " | |
68 "with information about the threat. This helps Safe Browsing learn " | |
69 "where threats originate and thus protect more users." | |
70 trigger: | |
71 "When an red interstitial is show, and the user is opted-in." | |
msramek
2017/05/04 10:56:15
typo: s/an/a/
Ramin Halavati
2017/05/05 07:07:08
Done.
| |
72 data: | |
73 "URLs and referrers from from the page along with other security-" | |
msramek
2017/05/04 10:56:15
Nathan, the plural (URLs) means URLs of subresourc
Nathan Parker
2017/05/04 15:44:43
Sure, how about:
data: The report includes the UR
Ramin Halavati
2017/05/05 07:07:08
Done.
| |
74 "relevant data from the page contents." | |
75 destination: GOOGLE_OWNED_SERVICE | |
76 } | |
77 policy { | |
78 cookies_allowed: true | |
79 cookies_store: "Safe Browsing Cookie Store" | |
80 setting: | |
81 "Users can enable or disable this feature by toggling " | |
82 "'Automatically report details of possible security incidents to " | |
83 "Google' in Chrome's settings under 'Privcay'. The feature is " | |
msramek
2017/05/04 10:56:16
typo: Privacy
Ramin Halavati
2017/05/05 07:07:08
Done.
| |
84 "enabled by default." | |
Nathan Parker
2017/05/04 15:44:43
The feature is DISABLED by default.
Ramin Halavati
2017/05/05 07:07:08
Done.
| |
85 chrome_policy { | |
86 SafeBrowsingExtendedReportingOptInAllowed { | |
87 policy_options {mode: MANDATORY} | |
88 SafeBrowsingExtendedReportingOptInAllowed: false | |
89 } | |
90 } | |
91 })"); | |
92 | |
59 } // namespace | 93 } // namespace |
60 | 94 |
61 namespace safe_browsing { | 95 namespace safe_browsing { |
62 | 96 |
63 // SafeBrowsingPingManager implementation ---------------------------------- | 97 // SafeBrowsingPingManager implementation ---------------------------------- |
64 | 98 |
65 // static | 99 // static |
66 std::unique_ptr<BasePingManager> BasePingManager::Create( | 100 std::unique_ptr<BasePingManager> BasePingManager::Create( |
67 net::URLRequestContextGetter* request_context_getter, | 101 net::URLRequestContextGetter* request_context_getter, |
68 const SafeBrowsingProtocolConfig& config) { | 102 const SafeBrowsingProtocolConfig& config) { |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
106 } | 140 } |
107 | 141 |
108 // Sends a SafeBrowsing "hit" report. | 142 // Sends a SafeBrowsing "hit" report. |
109 void BasePingManager::ReportSafeBrowsingHit( | 143 void BasePingManager::ReportSafeBrowsingHit( |
110 const safe_browsing::HitReport& hit_report) { | 144 const safe_browsing::HitReport& hit_report) { |
111 GURL report_url = SafeBrowsingHitUrl(hit_report); | 145 GURL report_url = SafeBrowsingHitUrl(hit_report); |
112 std::unique_ptr<net::URLFetcher> report_ptr = net::URLFetcher::Create( | 146 std::unique_ptr<net::URLFetcher> report_ptr = net::URLFetcher::Create( |
113 report_url, | 147 report_url, |
114 hit_report.post_data.empty() ? net::URLFetcher::GET | 148 hit_report.post_data.empty() ? net::URLFetcher::GET |
115 : net::URLFetcher::POST, | 149 : net::URLFetcher::POST, |
116 this); | 150 this, kTrafficAnnotation); |
117 net::URLFetcher* report = report_ptr.get(); | 151 net::URLFetcher* report = report_ptr.get(); |
118 data_use_measurement::DataUseUserData::AttachToFetcher( | 152 data_use_measurement::DataUseUserData::AttachToFetcher( |
119 report, data_use_measurement::DataUseUserData::SAFE_BROWSING); | 153 report, data_use_measurement::DataUseUserData::SAFE_BROWSING); |
120 report_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 154 report_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
121 report_ptr->SetRequestContext(request_context_getter_.get()); | 155 report_ptr->SetRequestContext(request_context_getter_.get()); |
122 std::string post_data_base64; | 156 std::string post_data_base64; |
123 if (!hit_report.post_data.empty()) { | 157 if (!hit_report.post_data.empty()) { |
124 report_ptr->SetUploadData("text/plain", hit_report.post_data); | 158 report_ptr->SetUploadData("text/plain", hit_report.post_data); |
125 base::Base64Encode(hit_report.post_data, &post_data_base64); | 159 base::Base64Encode(hit_report.post_data, &post_data_base64); |
126 } | 160 } |
127 | 161 |
128 net_log_.BeginEvent( | 162 net_log_.BeginEvent( |
129 net::NetLogEventType::SAFE_BROWSING_PING, | 163 net::NetLogEventType::SAFE_BROWSING_PING, |
130 base::Bind(&NetLogPingStartCallback, net_log_, | 164 base::Bind(&NetLogPingStartCallback, net_log_, |
131 report_ptr->GetOriginalURL(), post_data_base64)); | 165 report_ptr->GetOriginalURL(), post_data_base64)); |
132 | 166 |
133 report->Start(); | 167 report->Start(); |
134 safebrowsing_reports_.insert(std::move(report_ptr)); | 168 safebrowsing_reports_.insert(std::move(report_ptr)); |
135 } | 169 } |
136 | 170 |
137 // Sends threat details for users who opt-in. | 171 // Sends threat details for users who opt-in. |
138 void BasePingManager::ReportThreatDetails(const std::string& report) { | 172 void BasePingManager::ReportThreatDetails(const std::string& report) { |
139 GURL report_url = ThreatDetailsUrl(); | 173 GURL report_url = ThreatDetailsUrl(); |
140 std::unique_ptr<net::URLFetcher> fetcher = | 174 std::unique_ptr<net::URLFetcher> fetcher = net::URLFetcher::Create( |
141 net::URLFetcher::Create(report_url, net::URLFetcher::POST, this); | 175 report_url, net::URLFetcher::POST, this, kTrafficAnnotation); |
142 data_use_measurement::DataUseUserData::AttachToFetcher( | 176 data_use_measurement::DataUseUserData::AttachToFetcher( |
143 fetcher.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING); | 177 fetcher.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING); |
144 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 178 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
145 fetcher->SetRequestContext(request_context_getter_.get()); | 179 fetcher->SetRequestContext(request_context_getter_.get()); |
146 fetcher->SetUploadData("application/octet-stream", report); | 180 fetcher->SetUploadData("application/octet-stream", report); |
147 // Don't try too hard to send reports on failures. | 181 // Don't try too hard to send reports on failures. |
148 fetcher->SetAutomaticallyRetryOn5xx(false); | 182 fetcher->SetAutomaticallyRetryOn5xx(false); |
149 | 183 |
150 std::string report_base64; | 184 std::string report_base64; |
151 base::Base64Encode(report, &report_base64); | 185 base::Base64Encode(report, &report_base64); |
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
245 url_prefix_.c_str(), client_name_.c_str(), version_.c_str()); | 279 url_prefix_.c_str(), client_name_.c_str(), version_.c_str()); |
246 std::string api_key = google_apis::GetAPIKey(); | 280 std::string api_key = google_apis::GetAPIKey(); |
247 if (!api_key.empty()) { | 281 if (!api_key.empty()) { |
248 base::StringAppendF(&url, "&key=%s", | 282 base::StringAppendF(&url, "&key=%s", |
249 net::EscapeQueryParamValue(api_key, true).c_str()); | 283 net::EscapeQueryParamValue(api_key, true).c_str()); |
250 } | 284 } |
251 return GURL(url); | 285 return GURL(url); |
252 } | 286 } |
253 | 287 |
254 } // namespace safe_browsing | 288 } // namespace safe_browsing |
OLD | NEW |