OLD | NEW |
---|---|
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 #include "components/safe_browsing/password_protection/password_protection_reque st.h" | 4 #include "components/safe_browsing/password_protection/password_protection_reque st.h" |
5 | 5 |
6 #include "base/memory/ptr_util.h" | 6 #include "base/memory/ptr_util.h" |
7 #include "base/memory/weak_ptr.h" | 7 #include "base/memory/weak_ptr.h" |
8 #include "base/metrics/histogram_macros.h" | 8 #include "base/metrics/histogram_macros.h" |
9 #include "components/data_use_measurement/core/data_use_user_data.h" | 9 #include "components/data_use_measurement/core/data_use_user_data.h" |
10 #include "content/public/browser/browser_thread.h" | 10 #include "components/safe_browsing_db/database_manager.h" |
11 #include "net/base/escape.h" | 11 #include "net/base/escape.h" |
12 #include "net/base/load_flags.h" | 12 #include "net/base/load_flags.h" |
13 #include "net/base/url_util.h" | 13 #include "net/base/url_util.h" |
14 #include "net/http/http_status_code.h" | 14 #include "net/http/http_status_code.h" |
15 | 15 |
16 using content::BrowserThread; | 16 using content::BrowserThread; |
17 | 17 |
18 namespace safe_browsing { | 18 namespace safe_browsing { |
19 | 19 |
20 PasswordProtectionRequest::PasswordProtectionRequest( | 20 PasswordProtectionRequest::PasswordProtectionRequest( |
21 const GURL& main_frame_url, | 21 const GURL& main_frame_url, |
22 LoginReputationClientRequest::TriggerType type, | 22 LoginReputationClientRequest::TriggerType type, |
23 bool is_extended_reporting, | 23 std::unique_ptr<PasswordProtectionFrames> pending_password_frames, |
24 bool is_incognito, | |
25 base::WeakPtr<PasswordProtectionService> pps, | 24 base::WeakPtr<PasswordProtectionService> pps, |
25 scoped_refptr<SafeBrowsingDatabaseManager> database_manager, | |
26 int request_timeout_in_ms) | 26 int request_timeout_in_ms) |
27 : main_frame_url_(main_frame_url), | 27 : main_frame_url_(main_frame_url), |
28 request_type_(type), | 28 request_type_(type), |
29 is_extended_reporting_(is_extended_reporting), | 29 pending_password_frames_(std::move(pending_password_frames)), |
30 is_incognito_(is_incognito), | |
31 password_protection_service_(pps), | 30 password_protection_service_(pps), |
Nathan Parker
2017/04/17 20:28:02
Do we need both the PPS and the DBMGR? We can get
Jialiu Lin
2017/04/18 00:58:26
Ah, you're totally right.
| |
31 database_manager_(database_manager), | |
32 request_timeout_in_ms_(request_timeout_in_ms), | 32 request_timeout_in_ms_(request_timeout_in_ms), |
33 weakptr_factory_(this) { | 33 weakptr_factory_(this) { |
34 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 34 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
35 } | 35 } |
36 | 36 |
37 PasswordProtectionRequest::~PasswordProtectionRequest() { | 37 PasswordProtectionRequest::~PasswordProtectionRequest() { |
38 weakptr_factory_.InvalidateWeakPtrs(); | 38 weakptr_factory_.InvalidateWeakPtrs(); |
39 } | 39 } |
40 | 40 |
41 void PasswordProtectionRequest::Start() { | 41 void PasswordProtectionRequest::Start() { |
42 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 42 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
43 // Initially we only send ping for Safe Browsing Extended Reporting users when | 43 // Initially we only send ping for Safe Browsing Extended Reporting users when |
44 // they are not in incognito mode. We may loose these conditions later. | 44 // they are not in incognito mode. We may loose these conditions later. |
45 if (is_incognito_) { | 45 if (password_protection_service_->IsIncognito()) { |
46 Finish(RequestOutcome::INCOGNITO, nullptr); | 46 Finish(RequestOutcome::INCOGNITO, nullptr); |
47 return; | 47 return; |
48 } | 48 } |
49 if (!is_extended_reporting_) { | 49 if (!password_protection_service_->IsExtendedReporting()) { |
50 Finish(RequestOutcome::NO_EXTENDED_REPORTING, nullptr); | 50 Finish(RequestOutcome::NO_EXTENDED_REPORTING, nullptr); |
51 return; | 51 return; |
52 } | 52 } |
53 | 53 |
54 CheckWhitelistsOnUIThread(); | 54 CheckWhitelistOnUIThread(); |
55 } | 55 } |
56 | 56 |
57 void PasswordProtectionRequest::CheckWhitelistsOnUIThread() { | 57 void PasswordProtectionRequest::CheckWhitelistOnUIThread() { |
58 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 58 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
59 DCHECK(password_protection_service_); | 59 bool* match_whitelist = new bool(false); |
Nathan Parker
2017/04/17 20:28:02
This seems like it'd get leaked. Why a ptr, and t
Jialiu Lin
2017/04/18 00:58:26
I was following this example. http://dev.chromium.
| |
60 | 60 tracker_.PostTaskAndReply( |
61 BrowserThread::PostTask( | 61 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get(), FROM_HERE, |
62 BrowserThread::IO, FROM_HERE, | |
63 base::Bind(&PasswordProtectionService::CheckCsdWhitelistOnIOThread, | 62 base::Bind(&PasswordProtectionService::CheckCsdWhitelistOnIOThread, |
64 password_protection_service_, main_frame_url_, | 63 base::Unretained(password_protection_service_.get()), |
65 base::Bind(&PasswordProtectionRequest::OnWhitelistCheckDone, | 64 main_frame_url_, match_whitelist), |
66 GetWeakPtr()))); | 65 base::Bind(&PasswordProtectionRequest::OnWhitelistCheckDone, this, |
Nathan Parker
2017/04/17 20:28:02
What's wrong with the weak-ptr approach here?
Jialiu Lin
2017/04/18 00:58:26
WeakPtr is not thread safe when handling cancelabl
| |
66 base::Owned(match_whitelist))); | |
67 } | 67 } |
68 | 68 |
69 void PasswordProtectionRequest::OnWhitelistCheckDone(bool match_whitelist) { | 69 void PasswordProtectionRequest::OnWhitelistCheckDone( |
70 const bool* match_whitelist) { | |
70 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 71 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
71 if (match_whitelist) | 72 if (*match_whitelist) |
72 Finish(RequestOutcome::MATCHED_WHITELIST, nullptr); | 73 Finish(RequestOutcome::MATCHED_WHITELIST, nullptr); |
73 else | 74 else |
74 CheckCachedVerdicts(); | 75 CheckCachedVerdicts(); |
75 } | 76 } |
76 | 77 |
77 void PasswordProtectionRequest::CheckCachedVerdicts() { | 78 void PasswordProtectionRequest::CheckCachedVerdicts() { |
78 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 79 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
79 if (!password_protection_service_) { | 80 if (!password_protection_service_) { |
80 Finish(RequestOutcome::SERVICE_DESTROYED, nullptr); | 81 Finish(RequestOutcome::SERVICE_DESTROYED, nullptr); |
81 return; | 82 return; |
(...skipping 11 matching lines...) Expand all Loading... | |
93 | 94 |
94 void PasswordProtectionRequest::FillRequestProto() { | 95 void PasswordProtectionRequest::FillRequestProto() { |
95 request_proto_ = base::MakeUnique<LoginReputationClientRequest>(); | 96 request_proto_ = base::MakeUnique<LoginReputationClientRequest>(); |
96 request_proto_->set_page_url(main_frame_url_.spec()); | 97 request_proto_->set_page_url(main_frame_url_.spec()); |
97 request_proto_->set_trigger_type(request_type_); | 98 request_proto_->set_trigger_type(request_type_); |
98 request_proto_->set_stored_verdict_cnt( | 99 request_proto_->set_stored_verdict_cnt( |
99 password_protection_service_->GetStoredVerdictCount()); | 100 password_protection_service_->GetStoredVerdictCount()); |
100 LoginReputationClientRequest::Frame* main_frame = | 101 LoginReputationClientRequest::Frame* main_frame = |
101 request_proto_->add_frames(); | 102 request_proto_->add_frames(); |
102 main_frame->set_url(main_frame_url_.spec()); | 103 main_frame->set_url(main_frame_url_.spec()); |
104 main_frame->set_frame_index(0 /* main frame */); | |
105 main_frame->set_has_password_field(true); | |
103 password_protection_service_->FillReferrerChain( | 106 password_protection_service_->FillReferrerChain( |
104 main_frame_url_, -1 /* tab id not available */, main_frame); | 107 main_frame_url_, -1 /* tab id not available */, main_frame); |
105 // TODO(jialiul): Add sub-frame information and password form information. | 108 |
109 // TODO(jialiul): Fill more password form related info based on | |
110 // |password_frame_map_| when Safe Browsing backend is ready to handle these | |
111 // pieces of information. | |
106 } | 112 } |
107 | 113 |
108 void PasswordProtectionRequest::SendRequest() { | 114 void PasswordProtectionRequest::SendRequest() { |
109 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 115 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
110 FillRequestProto(); | 116 FillRequestProto(); |
111 | 117 |
112 std::string serialized_request; | 118 std::string serialized_request; |
113 if (!request_proto_->SerializeToString(&serialized_request)) { | 119 if (!request_proto_->SerializeToString(&serialized_request)) { |
114 Finish(RequestOutcome::REQUEST_MALFORMED, nullptr); | 120 Finish(RequestOutcome::REQUEST_MALFORMED, nullptr); |
115 return; | 121 return; |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
162 } | 168 } |
163 | 169 |
164 std::unique_ptr<LoginReputationClientResponse> response = | 170 std::unique_ptr<LoginReputationClientResponse> response = |
165 base::MakeUnique<LoginReputationClientResponse>(); | 171 base::MakeUnique<LoginReputationClientResponse>(); |
166 std::string response_body; | 172 std::string response_body; |
167 bool received_data = source->GetResponseAsString(&response_body); | 173 bool received_data = source->GetResponseAsString(&response_body); |
168 DCHECK(received_data); | 174 DCHECK(received_data); |
169 fetcher_.reset(); // We don't need it anymore. | 175 fetcher_.reset(); // We don't need it anymore. |
170 UMA_HISTOGRAM_TIMES("PasswordProtection.RequestNetworkDuration", | 176 UMA_HISTOGRAM_TIMES("PasswordProtection.RequestNetworkDuration", |
171 base::TimeTicks::Now() - request_start_time_); | 177 base::TimeTicks::Now() - request_start_time_); |
172 if (response->ParseFromString(response_body)) { | 178 if (response->ParseFromString(response_body)) |
173 Finish(RequestOutcome::SUCCEEDED, std::move(response)); | 179 Finish(RequestOutcome::SUCCEEDED, std::move(response)); |
174 } else { | 180 else |
175 Finish(RequestOutcome::RESPONSE_MALFORMED, nullptr); | 181 Finish(RequestOutcome::RESPONSE_MALFORMED, nullptr); |
176 } | |
177 } | 182 } |
178 | 183 |
179 void PasswordProtectionRequest::Finish( | 184 void PasswordProtectionRequest::Finish( |
180 RequestOutcome outcome, | 185 RequestOutcome outcome, |
181 std::unique_ptr<LoginReputationClientResponse> response) { | 186 std::unique_ptr<LoginReputationClientResponse> response) { |
182 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 187 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
188 tracker_.TryCancelAll(); | |
183 | 189 |
184 UMA_HISTOGRAM_ENUMERATION("PasswordProtection.RequestOutcome", outcome, | 190 UMA_HISTOGRAM_ENUMERATION("PasswordProtection.RequestOutcome", outcome, |
185 RequestOutcome::MAX_OUTCOME); | 191 RequestOutcome::MAX_OUTCOME); |
186 | 192 |
187 if (response) { | 193 if (response) { |
188 switch (request_type_) { | 194 switch (request_type_) { |
189 case LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE: | 195 case LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE: |
190 UMA_HISTOGRAM_ENUMERATION( | 196 UMA_HISTOGRAM_ENUMERATION( |
191 "PasswordProtection.UnfamiliarLoginPageVerdict", | 197 "PasswordProtection.UnfamiliarLoginPageVerdict", |
192 response->verdict_type(), | 198 response->verdict_type(), |
(...skipping 15 matching lines...) Expand all Loading... | |
208 } | 214 } |
209 | 215 |
210 void PasswordProtectionRequest::Cancel(bool timed_out) { | 216 void PasswordProtectionRequest::Cancel(bool timed_out) { |
211 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 217 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
212 fetcher_.reset(); | 218 fetcher_.reset(); |
213 | 219 |
214 Finish(timed_out ? TIMEDOUT : CANCELED, nullptr); | 220 Finish(timed_out ? TIMEDOUT : CANCELED, nullptr); |
215 } | 221 } |
216 | 222 |
217 } // namespace safe_browsing | 223 } // namespace safe_browsing |
OLD | NEW |