OLD | NEW |
---|---|
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQUEST _H_ | 5 #ifndef COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQUEST _H_ |
6 #define COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQUEST _H_ | 6 #define COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQUEST _H_ |
7 | 7 |
8 #include "base/macros.h" | 8 #include "base/macros.h" |
9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
10 #include "base/task/cancelable_task_tracker.h" | |
10 #include "components/safe_browsing/password_protection/password_protection_servi ce.h" | 11 #include "components/safe_browsing/password_protection/password_protection_servi ce.h" |
12 #include "content/public/browser/browser_thread.h" | |
11 #include "net/url_request/url_fetcher.h" | 13 #include "net/url_request/url_fetcher.h" |
12 #include "net/url_request/url_fetcher_delegate.h" | 14 #include "net/url_request/url_fetcher_delegate.h" |
13 #include "net/url_request/url_request_status.h" | 15 #include "net/url_request/url_request_status.h" |
14 | 16 |
15 class GURL; | 17 class GURL; |
16 | 18 |
17 namespace safe_browsing { | 19 namespace safe_browsing { |
18 | 20 |
19 // A request for checking if an unfamiliar login form or a password reuse event | 21 // A request for checking if an unfamiliar login form or a password reuse event |
20 // is safe. PasswordProtectionRequest objects are owned by | 22 // is safe. PasswordProtectionRequest objects are owned by |
21 // PasswordProtectionService indicated by |password_protection_service_|. | 23 // PasswordProtectionService indicated by |password_protection_service_|. |
22 class PasswordProtectionRequest : public net::URLFetcherDelegate { | 24 // PasswordProtectionService is RefCountedThreadSafe such that it can post task |
25 // safely between IO and UI threads. It can only be destroyed on UI thread. | |
26 // | |
27 // PasswordProtectionRequest flow: | |
28 // Step| Thread | Task | |
29 // (1) | UI | If incognito or !SBER, quit request. | |
Nathan Parker
2017/04/19 17:20:53
Nice! This not only helps for the future, it help
Jialiu Lin
2017/04/19 17:52:27
:-)
| |
30 // (2) | UI | Add task to IO thread for whitelist checking. | |
31 // (3) | IO | Check whitelist and return the result back to UI thread. | |
32 // (4) | UI | If whitelisted, check verdict cache; else quit request. | |
33 // (5) | UI | If verdict cached, quit request; else prepare request proto. | |
34 // (6) | UI | Start a timeout task, and send network request. | |
35 // (7) | UI | On receiving response, handle response and finish. | |
36 // | | On request timeout, cancel request. | |
37 // | | On deletion of |password_protection_service_|, cancel request. | |
38 class PasswordProtectionRequest : public base::RefCountedThreadSafe< | |
39 PasswordProtectionRequest, | |
40 content::BrowserThread::DeleteOnUIThread>, | |
41 public net::URLFetcherDelegate { | |
23 public: | 42 public: |
24 // The outcome of the request. These values are used for UMA. | 43 // The outcome of the request. These values are used for UMA. |
25 // DO NOT CHANGE THE ORDERING OF THESE VALUES. | 44 // DO NOT CHANGE THE ORDERING OF THESE VALUES. |
26 enum RequestOutcome { | 45 enum RequestOutcome { |
27 UNKNOWN = 0, | 46 UNKNOWN = 0, |
28 SUCCEEDED = 1, | 47 SUCCEEDED = 1, |
29 CANCELED = 2, | 48 CANCELED = 2, |
30 TIMEDOUT = 3, | 49 TIMEDOUT = 3, |
31 MATCHED_WHITELIST = 4, | 50 MATCHED_WHITELIST = 4, |
32 RESPONSE_ALREADY_CACHED = 5, | 51 RESPONSE_ALREADY_CACHED = 5, |
33 NO_EXTENDED_REPORTING = 6, | 52 NO_EXTENDED_REPORTING = 6, |
34 INCOGNITO = 7, | 53 INCOGNITO = 7, |
35 REQUEST_MALFORMED = 8, | 54 REQUEST_MALFORMED = 8, |
36 FETCH_FAILED = 9, | 55 FETCH_FAILED = 9, |
37 RESPONSE_MALFORMED = 10, | 56 RESPONSE_MALFORMED = 10, |
38 SERVICE_DESTROYED = 11, | 57 SERVICE_DESTROYED = 11, |
39 MAX_OUTCOME | 58 MAX_OUTCOME |
40 }; | 59 }; |
41 | 60 |
42 PasswordProtectionRequest(const GURL& main_frame_url, | 61 PasswordProtectionRequest( |
43 LoginReputationClientRequest::TriggerType type, | 62 const GURL& main_frame_url, |
44 bool is_extended_reporting, | 63 LoginReputationClientRequest::TriggerType type, |
45 bool is_incognito, | 64 std::unique_ptr<PasswordProtectionFrameList> pending_password_frames, |
46 base::WeakPtr<PasswordProtectionService> pps, | 65 base::WeakPtr<PasswordProtectionService> pps, |
Nathan Parker
2017/04/19 17:20:53
One more question: if ~PPS destroys all the PPR's,
Jialiu Lin
2017/04/19 17:52:27
Yep, you're right. Changing it to regular pointer.
| |
47 int request_timeout_in_ms); | 66 int request_timeout_in_ms); |
48 | |
49 ~PasswordProtectionRequest() override; | |
50 | 67 |
51 base::WeakPtr<PasswordProtectionRequest> GetWeakPtr() { | 68 base::WeakPtr<PasswordProtectionRequest> GetWeakPtr() { |
52 return weakptr_factory_.GetWeakPtr(); | 69 return weakptr_factory_.GetWeakPtr(); |
53 } | 70 } |
54 | 71 |
55 // Starts processing request by checking extended reporting and incognito | 72 // Starts processing request by checking extended reporting and incognito |
56 // conditions. | 73 // conditions. |
57 void Start(); | 74 void Start(); |
58 | 75 |
59 // Cancels the current request. |timed_out| indicates if this cancellation is | 76 // Cancels the current request. |timed_out| indicates if this cancellation is |
60 // due to timeout. This function will call Finish() to destroy |this|. | 77 // due to timeout. This function will call Finish() to destroy |this|. |
61 void Cancel(bool timed_out); | 78 void Cancel(bool timed_out); |
62 | 79 |
63 // net::URLFetcherDelegate override. | 80 // net::URLFetcherDelegate override. |
64 // Processes the received response. | 81 // Processes the received response. |
65 void OnURLFetchComplete(const net::URLFetcher* source) override; | 82 void OnURLFetchComplete(const net::URLFetcher* source) override; |
66 | 83 |
67 GURL main_frame_url() const { return main_frame_url_; } | 84 GURL main_frame_url() const { return main_frame_url_; } |
68 | 85 |
69 bool is_incognito() const { return is_incognito_; } | 86 private: |
87 friend class base::RefCountedThreadSafe<PasswordProtectionRequest>; | |
88 friend struct content::BrowserThread::DeleteOnThread< | |
89 content::BrowserThread::UI>; | |
90 friend class base::DeleteHelper<PasswordProtectionRequest>; | |
91 ~PasswordProtectionRequest() override; | |
70 | 92 |
71 private: | 93 void CheckWhitelistOnUIThread(); |
94 | |
72 // If |main_frame_url_| matches whitelist, call Finish() immediately; | 95 // If |main_frame_url_| matches whitelist, call Finish() immediately; |
73 // otherwise call CheckCachedVerdicts(). | 96 // otherwise call CheckCachedVerdicts(). It is the task posted back to UI |
74 void OnWhitelistCheckDone(bool match_whitelist); | 97 // thread by the PostTaskAndReply() in CheckWhitelistOnUIThread(). |
98 // |match_whitelist| boolean pointer is used to pass whitelist checking result | |
99 // between UI and IO thread. The object it points to will be deleted at the | |
100 // end of OnWhitelistCheckDone(), since base::Owned() transfers its ownership | |
101 // to this callback function. | |
102 void OnWhitelistCheckDone(const bool* match_whitelist); | |
75 | 103 |
76 // Looks up cached verdicts. If verdict is already cached, call SendRequest(); | 104 // Looks up cached verdicts. If verdict is already cached, call SendRequest(); |
77 // otherwise call Finish(). | 105 // otherwise call Finish(). |
78 void CheckCachedVerdicts(); | 106 void CheckCachedVerdicts(); |
79 | 107 |
80 // Fill |request_proto_| with appropriate values. | 108 // Fill |request_proto_| with appropriate values. |
81 void FillRequestProto(); | 109 void FillRequestProto(); |
82 | 110 |
83 // Initiates network request to Safe Browsing backend. | 111 // Initiates network request to Safe Browsing backend. |
84 void SendRequest(); | 112 void SendRequest(); |
85 | 113 |
86 // Start a timer to cancel the request if it takes too long. | 114 // Start a timer to cancel the request if it takes too long. |
87 void StartTimeout(); | 115 void StartTimeout(); |
88 | 116 |
89 // |this| will be destroyed after calling this function. | 117 // |this| will be destroyed after calling this function. |
90 void Finish(RequestOutcome outcome, | 118 void Finish(RequestOutcome outcome, |
91 std::unique_ptr<LoginReputationClientResponse> response); | 119 std::unique_ptr<LoginReputationClientResponse> response); |
92 | 120 |
93 void CheckWhitelistsOnUIThread(); | |
94 | |
95 // Main frame URL of the login form. | 121 // Main frame URL of the login form. |
96 GURL main_frame_url_; | 122 GURL main_frame_url_; |
97 | 123 |
98 // If this request is for unfamiliar login page or for a password reuse event. | 124 // If this request is for unfamiliar login page or for a password reuse event. |
99 const LoginReputationClientRequest::TriggerType request_type_; | 125 const LoginReputationClientRequest::TriggerType request_type_; |
100 | 126 |
101 // If user is opted-in Safe Browsing Extended Reporting. | 127 // The list of PasswordProtectionFrame this request is concerning. |
102 const bool is_extended_reporting_; | 128 std::unique_ptr<PasswordProtectionFrameList> password_frames_; |
103 | |
104 // If current session is in incognito mode. | |
105 const bool is_incognito_; | |
106 | 129 |
107 // When request is sent. | 130 // When request is sent. |
108 base::TimeTicks request_start_time_; | 131 base::TimeTicks request_start_time_; |
109 | 132 |
110 // URLFetcher instance for sending request and receiving response. | 133 // URLFetcher instance for sending request and receiving response. |
111 std::unique_ptr<net::URLFetcher> fetcher_; | 134 std::unique_ptr<net::URLFetcher> fetcher_; |
112 | 135 |
113 // The PasswordProtectionService instance owns |this|. | 136 // The PasswordProtectionService instance owns |this|. |
137 // Can only be accessed on UI thread. | |
114 base::WeakPtr<PasswordProtectionService> password_protection_service_; | 138 base::WeakPtr<PasswordProtectionService> password_protection_service_; |
115 | 139 |
140 // Safe Browsing database manager used to look up CSD whitelist. | |
141 // Can only be accessed on IO thread. | |
142 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_; | |
143 | |
116 // If we haven't receive response after this period of time, we cancel this | 144 // If we haven't receive response after this period of time, we cancel this |
117 // request. | 145 // request. |
118 const int request_timeout_in_ms_; | 146 const int request_timeout_in_ms_; |
119 | 147 |
120 std::unique_ptr<LoginReputationClientRequest> request_proto_; | 148 std::unique_ptr<LoginReputationClientRequest> request_proto_; |
121 | 149 |
150 // Needed for canceling tasks posted to different threads. | |
151 base::CancelableTaskTracker tracker_; | |
152 | |
122 base::WeakPtrFactory<PasswordProtectionRequest> weakptr_factory_; | 153 base::WeakPtrFactory<PasswordProtectionRequest> weakptr_factory_; |
123 DISALLOW_COPY_AND_ASSIGN(PasswordProtectionRequest); | 154 DISALLOW_COPY_AND_ASSIGN(PasswordProtectionRequest); |
124 }; | 155 }; |
125 | 156 |
126 } // namespace safe_browsing | 157 } // namespace safe_browsing |
127 | 158 |
128 #endif // COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQU EST_H_ | 159 #endif // COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_REQU EST_H_ |
OLD | NEW |