OLD | NEW |
1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/safe_browsing/base_ping_manager.h" | 5 #include "components/safe_browsing/base_ping_manager.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/memory/ptr_util.h" | 11 #include "base/memory/ptr_util.h" |
12 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
13 #include "base/strings/stringprintf.h" | 13 #include "base/strings/stringprintf.h" |
14 #include "base/values.h" | 14 #include "base/values.h" |
15 #include "components/data_use_measurement/core/data_use_user_data.h" | 15 #include "components/data_use_measurement/core/data_use_user_data.h" |
16 #include "content/public/browser/browser_thread.h" | 16 #include "content/public/browser/browser_thread.h" |
17 #include "google_apis/google_api_keys.h" | 17 #include "google_apis/google_api_keys.h" |
18 #include "net/base/escape.h" | 18 #include "net/base/escape.h" |
19 #include "net/base/load_flags.h" | 19 #include "net/base/load_flags.h" |
20 #include "net/log/net_log_source_type.h" | 20 #include "net/log/net_log_source_type.h" |
| 21 #include "net/traffic_annotation/network_traffic_annotation.h" |
21 #include "net/url_request/url_fetcher.h" | 22 #include "net/url_request/url_fetcher.h" |
22 #include "net/url_request/url_request_context.h" | 23 #include "net/url_request/url_request_context.h" |
23 #include "net/url_request/url_request_context_getter.h" | 24 #include "net/url_request/url_request_context_getter.h" |
24 #include "net/url_request/url_request_status.h" | 25 #include "net/url_request/url_request_status.h" |
25 #include "url/gurl.h" | 26 #include "url/gurl.h" |
26 | 27 |
27 using content::BrowserThread; | 28 using content::BrowserThread; |
28 | 29 |
29 namespace { | 30 namespace { |
30 // Returns a dictionary with "url"=|url-spec| and "data"=|payload| for | 31 // Returns a dictionary with "url"=|url-spec| and "data"=|payload| for |
(...skipping 18 matching lines...)
49 const net::URLRequestStatus& status, | 50 const net::URLRequestStatus& status, |
50 net::NetLogCaptureMode) { | 51 net::NetLogCaptureMode) { |
51 std::unique_ptr<base::DictionaryValue> event_params( | 52 std::unique_ptr<base::DictionaryValue> event_params( |
52 new base::DictionaryValue()); | 53 new base::DictionaryValue()); |
53 event_params->SetInteger("status", status.status()); | 54 event_params->SetInteger("status", status.status()); |
54 event_params->SetInteger("error", status.error()); | 55 event_params->SetInteger("error", status.error()); |
55 net_log.source().AddToEventParameters(event_params.get()); | 56 net_log.source().AddToEventParameters(event_params.get()); |
56 return std::move(event_params); | 57 return std::move(event_params); |
57 } | 58 } |
58 | 59 |
| 60 net::NetworkTrafficAnnotationTag kTrafficAnnotation = |
| 61 net::DefineNetworkTrafficAnnotation("safe_browsing_extended_reporting", R"( |
| 62 semantics { |
| 63 sender: "Safe Browsing Extended Reporting" |
| 64 description: |
| 65 "When a user is opted in to automatically reporting 'possible " |
| 66 "security incidents to Google,' and they reach a bad page that's " |
| 67 "flagged by Safe Browsing, Chrome will send a report to Google " |
| 68 "with information about the threat. This helps Safe Browsing learn " |
| 69 "where threats originate and thus protect more users." |
| 70 trigger: |
| 71 "When a red interstitial is shown, and the user is opted-in." |
| 72 data: |
| 73 "The report includes the URL and referrer chain of the page. If the " |
| 74 "warning is triggered by a subresource on a partially loaded page, " |
| 75 "the report will include the URL and referrer chain of sub frames " |
| 76 "and resources loaded into the page. It may also include a subset " |
| 77 "of headers for resources loaded, and some Google ad identifiers to " |
| 78 "help block malicious ads." |
| 79 destination: GOOGLE_OWNED_SERVICE |
| 80 } |
| 81 policy { |
| 82 cookies_allowed: true |
| 83 cookies_store: "Safe Browsing Cookie Store" |
| 84 setting: |
| 85 "Users can control this feature via the 'Automatically report " |
| 86 "details of possible security incidents to Google' setting under " |
| 87 "'Privacy'. The feature is disabled by default." |
| 88 chrome_policy { |
| 89 SafeBrowsingExtendedReportingOptInAllowed { |
| 90 policy_options {mode: MANDATORY} |
| 91 SafeBrowsingExtendedReportingOptInAllowed: false |
| 92 } |
| 93 } |
| 94 })"); |
| 95 |
59 } // namespace | 96 } // namespace |
60 | 97 |
61 namespace safe_browsing { | 98 namespace safe_browsing { |
62 | 99 |
63 // SafeBrowsingPingManager implementation ---------------------------------- | 100 // SafeBrowsingPingManager implementation ---------------------------------- |
64 | 101 |
65 // static | 102 // static |
66 std::unique_ptr<BasePingManager> BasePingManager::Create( | 103 std::unique_ptr<BasePingManager> BasePingManager::Create( |
67 net::URLRequestContextGetter* request_context_getter, | 104 net::URLRequestContextGetter* request_context_getter, |
68 const SafeBrowsingProtocolConfig& config) { | 105 const SafeBrowsingProtocolConfig& config) { |
(...skipping 37 matching lines...)
106 } | 143 } |
107 | 144 |
108 // Sends a SafeBrowsing "hit" report. | 145 // Sends a SafeBrowsing "hit" report. |
109 void BasePingManager::ReportSafeBrowsingHit( | 146 void BasePingManager::ReportSafeBrowsingHit( |
110 const safe_browsing::HitReport& hit_report) { | 147 const safe_browsing::HitReport& hit_report) { |
111 GURL report_url = SafeBrowsingHitUrl(hit_report); | 148 GURL report_url = SafeBrowsingHitUrl(hit_report); |
112 std::unique_ptr<net::URLFetcher> report_ptr = net::URLFetcher::Create( | 149 std::unique_ptr<net::URLFetcher> report_ptr = net::URLFetcher::Create( |
113 report_url, | 150 report_url, |
114 hit_report.post_data.empty() ? net::URLFetcher::GET | 151 hit_report.post_data.empty() ? net::URLFetcher::GET |
115 : net::URLFetcher::POST, | 152 : net::URLFetcher::POST, |
116 this); | 153 this, kTrafficAnnotation); |
117 net::URLFetcher* report = report_ptr.get(); | 154 net::URLFetcher* report = report_ptr.get(); |
118 data_use_measurement::DataUseUserData::AttachToFetcher( | 155 data_use_measurement::DataUseUserData::AttachToFetcher( |
119 report, data_use_measurement::DataUseUserData::SAFE_BROWSING); | 156 report, data_use_measurement::DataUseUserData::SAFE_BROWSING); |
120 report_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 157 report_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
121 report_ptr->SetRequestContext(request_context_getter_.get()); | 158 report_ptr->SetRequestContext(request_context_getter_.get()); |
122 std::string post_data_base64; | 159 std::string post_data_base64; |
123 if (!hit_report.post_data.empty()) { | 160 if (!hit_report.post_data.empty()) { |
124 report_ptr->SetUploadData("text/plain", hit_report.post_data); | 161 report_ptr->SetUploadData("text/plain", hit_report.post_data); |
125 base::Base64Encode(hit_report.post_data, &post_data_base64); | 162 base::Base64Encode(hit_report.post_data, &post_data_base64); |
126 } | 163 } |
127 | 164 |
128 net_log_.BeginEvent( | 165 net_log_.BeginEvent( |
129 net::NetLogEventType::SAFE_BROWSING_PING, | 166 net::NetLogEventType::SAFE_BROWSING_PING, |
130 base::Bind(&NetLogPingStartCallback, net_log_, | 167 base::Bind(&NetLogPingStartCallback, net_log_, |
131 report_ptr->GetOriginalURL(), post_data_base64)); | 168 report_ptr->GetOriginalURL(), post_data_base64)); |
132 | 169 |
133 report->Start(); | 170 report->Start(); |
134 safebrowsing_reports_.insert(std::move(report_ptr)); | 171 safebrowsing_reports_.insert(std::move(report_ptr)); |
135 } | 172 } |
136 | 173 |
137 // Sends threat details for users who opt-in. | 174 // Sends threat details for users who opt-in. |
138 void BasePingManager::ReportThreatDetails(const std::string& report) { | 175 void BasePingManager::ReportThreatDetails(const std::string& report) { |
139 GURL report_url = ThreatDetailsUrl(); | 176 GURL report_url = ThreatDetailsUrl(); |
140 std::unique_ptr<net::URLFetcher> fetcher = | 177 std::unique_ptr<net::URLFetcher> fetcher = net::URLFetcher::Create( |
141 net::URLFetcher::Create(report_url, net::URLFetcher::POST, this); | 178 report_url, net::URLFetcher::POST, this, kTrafficAnnotation); |
142 data_use_measurement::DataUseUserData::AttachToFetcher( | 179 data_use_measurement::DataUseUserData::AttachToFetcher( |
143 fetcher.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING); | 180 fetcher.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING); |
144 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 181 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
145 fetcher->SetRequestContext(request_context_getter_.get()); | 182 fetcher->SetRequestContext(request_context_getter_.get()); |
146 fetcher->SetUploadData("application/octet-stream", report); | 183 fetcher->SetUploadData("application/octet-stream", report); |
147 // Don't try too hard to send reports on failures. | 184 // Don't try too hard to send reports on failures. |
148 fetcher->SetAutomaticallyRetryOn5xx(false); | 185 fetcher->SetAutomaticallyRetryOn5xx(false); |
149 | 186 |
150 std::string report_base64; | 187 std::string report_base64; |
151 base::Base64Encode(report, &report_base64); | 188 base::Base64Encode(report, &report_base64); |
(...skipping 93 matching lines...)
245 url_prefix_.c_str(), client_name_.c_str(), version_.c_str()); | 282 url_prefix_.c_str(), client_name_.c_str(), version_.c_str()); |
246 std::string api_key = google_apis::GetAPIKey(); | 283 std::string api_key = google_apis::GetAPIKey(); |
247 if (!api_key.empty()) { | 284 if (!api_key.empty()) { |
248 base::StringAppendF(&url, "&key=%s", | 285 base::StringAppendF(&url, "&key=%s", |
249 net::EscapeQueryParamValue(api_key, true).c_str()); | 286 net::EscapeQueryParamValue(api_key, true).c_str()); |
250 } | 287 } |
251 return GURL(url); | 288 return GURL(url); |
252 } | 289 } |
253 | 290 |
254 } // namespace safe_browsing | 291 } // namespace safe_browsing |
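Review bot: Both `ReportSafeBrowsingHit` and `ReportThreatDetails` now pass the same `kTrafficAnnotation`, but its `trigger` and `data` text reads like a description of the threat-details upload only (referrer chain, sub frames, resource headers). The hit report, sent as GET or POST to `SafeBrowsingHitUrl(hit_report)`, is therefore audited under a disclosure that may not match what it sends. If the hit report carries different fields or can fire under a condition other than "a red interstitial is shown, and the user is opted-in", give it its own tag or extend the `data` and `trigger` text to cover both requests. `SafeBrowsingHitUrl` and the opt-in check are outside the visible hunks, so this needs confirming against them. Separately, the tag is named like a constant but declared as a mutable namespace-scope object; `const net::NetworkTrafficAnnotationTag kTrafficAnnotation =` would prevent it from being reassigned after definition.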