Chromium Code Reviews Chromium Code Reviews
Issue 2834543003:
[subresource_filter] SB throttle can send multiple speculative requests. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/subresource_filter/content/browser/subresource_filter_safe_ browsing_activation_throttle.h" | 5 #include "components/subresource_filter/content/browser/subresource_filter_safe_ browsing_activation_throttle.h" |
| 6 | 6 |
| 7 #include <utility> | |
| 7 #include <vector> | 8 #include <vector> |
| 8 | 9 |
| 10 #include "base/metrics/histogram_macros.h" | |
| 9 #include "base/timer/timer.h" | 11 #include "base/timer/timer.h" |
| 10 #include "components/safe_browsing_db/v4_local_database_manager.h" | |
| 11 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver_factory.h" | 12 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver_factory.h" |
| 13 #include "components/subresource_filter/content/browser/subresource_filter_safe_ browsing_client.h" | |
| 12 #include "content/public/browser/browser_thread.h" | 14 #include "content/public/browser/browser_thread.h" |
| 13 #include "content/public/browser/navigation_handle.h" | 15 #include "content/public/browser/navigation_handle.h" |
| 14 #include "content/public/browser/web_contents.h" | 16 #include "content/public/browser/web_contents.h" |
| 15 | 17 |
| 16 namespace { | |
| 17 | |
| 18 // Maximum time in milliseconds to wait for the Safe Browsing service to | |
| 19 // verify a URL. After this amount of time the outstanding check will be | |
| 20 // aborted, and the URL will be treated as if it didn't belong to the | |
| 21 // Subresource Filter only list. | |
| 22 constexpr base::TimeDelta kCheckURLTimeout = base::TimeDelta::FromSeconds(5); | |
| 23 | |
| 24 } // namespace | |
| 25 | |
| 26 namespace subresource_filter { | 18 namespace subresource_filter { |
| 27 | 19 |
| 28 class SubresourceFilterSafeBrowsingActivationThrottle::SBDatabaseClient | |
| 29 : public safe_browsing::SafeBrowsingDatabaseManager::Client { | |
| 30 public: | |
| 31 SBDatabaseClient( | |
| 32 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> | |
| 33 database_manager, | |
| 34 base::WeakPtr<SubresourceFilterSafeBrowsingActivationThrottle> throttle, | |
| 35 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner) | |
| 36 : database_manager_(std::move(database_manager)), | |
| 37 throttle_(throttle), | |
| 38 io_task_runner_(io_task_runner) {} | |
| 39 | |
| 40 ~SBDatabaseClient() override { | |
| 41 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 42 database_manager_->CancelCheck(this); | |
| 43 } | |
| 44 | |
| 45 void CheckUrlOnIO(const GURL& url) { | |
| 46 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 47 DCHECK(!url.is_empty()); | |
| 48 url_being_checked_ = url; | |
| 49 if (database_manager_->CheckUrlForSubresourceFilter(url, this)) { | |
| 50 OnCheckBrowseUrlResult(url, safe_browsing::SB_THREAT_TYPE_SAFE, | |
| 51 safe_browsing::ThreatMetadata()); | |
| 52 return; | |
| 53 } | |
| 54 timer_.Start(FROM_HERE, kCheckURLTimeout, this, | |
| 55 &SubresourceFilterSafeBrowsingActivationThrottle:: | |
| 56 SBDatabaseClient::OnCheckUrlTimeout); | |
| 57 } | |
| 58 | |
| 59 void OnCheckBrowseUrlResult( | |
| 60 const GURL& url, | |
| 61 safe_browsing::SBThreatType threat_type, | |
| 62 const safe_browsing::ThreatMetadata& metadata) override { | |
| 63 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 64 DCHECK_EQ(url_being_checked_, url); | |
| 65 timer_.Stop(); // Cancel the timeout timer. | |
| 66 io_task_runner_->PostTask( | |
| 67 FROM_HERE, | |
| 68 base::Bind(&SubresourceFilterSafeBrowsingActivationThrottle:: | |
| 69 OnCheckUrlResultOnUI, | |
| 70 throttle_, url, threat_type, metadata.threat_pattern_type)); | |
| 71 } | |
| 72 | |
| 73 // Callback for when the safe browsing check has taken longer than | |
| 74 // kCheckURLTimeout. | |
| 75 void OnCheckUrlTimeout() { | |
| 76 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | |
| 77 database_manager_->CancelCheck(this); | |
| 78 | |
| 79 OnCheckBrowseUrlResult(url_being_checked_, | |
| 80 safe_browsing::SB_THREAT_TYPE_SAFE, | |
| 81 safe_browsing::ThreatMetadata()); | |
| 82 } | |
| 83 | |
| 84 private: | |
| 85 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> database_manager_; | |
| 86 | |
| 87 // Timer to abort the safe browsing check if it takes too long. | |
| 88 base::OneShotTimer timer_; | |
| 89 GURL url_being_checked_; | |
| 90 | |
| 91 base::WeakPtr<SubresourceFilterSafeBrowsingActivationThrottle> throttle_; | |
| 92 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_; | |
| 93 | |
| 94 DISALLOW_COPY_AND_ASSIGN(SBDatabaseClient); | |
| 95 }; | |
| 96 | |
| 97 SubresourceFilterSafeBrowsingActivationThrottle:: | 20 SubresourceFilterSafeBrowsingActivationThrottle:: |
| 98 SubresourceFilterSafeBrowsingActivationThrottle( | 21 SubresourceFilterSafeBrowsingActivationThrottle( |
| 99 content::NavigationHandle* handle, | 22 content::NavigationHandle* handle, |
| 23 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | |
| 100 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> | 24 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> |
| 101 database_manager) | 25 database_manager) |
| 102 : NavigationThrottle(handle), | 26 : NavigationThrottle(handle), |
| 103 io_task_runner_(content::BrowserThread::GetTaskRunnerForThread( | 27 database_manager_(std::move(database_manager)), |
| 104 content::BrowserThread::IO)), | 28 io_task_runner_(io_task_runner), |
| 105 database_client_( | 29 database_client_(new SubresourceFilterSafeBrowsingClient( |
| 106 new SubresourceFilterSafeBrowsingActivationThrottle::SBDatabaseClient( | 30 database_manager_.get(), |
|
engedy
2017/04/25 22:03:53
nit: s/.get()//
Charlie Harrison
2017/04/26 14:30:25
Done.
| |
| 107 std::move(database_manager), | 31 AsWeakPtr(), |
| 108 AsWeakPtr(), | 32 io_task_runner, |
| 109 base::ThreadTaskRunnerHandle::Get()), | 33 base::ThreadTaskRunnerHandle::Get()), |
| 110 base::OnTaskRunnerDeleter(io_task_runner_)) {} | 34 base::OnTaskRunnerDeleter(io_task_runner_)) {} |
| 111 | 35 |
| 112 SubresourceFilterSafeBrowsingActivationThrottle:: | 36 SubresourceFilterSafeBrowsingActivationThrottle:: |
| 113 ~SubresourceFilterSafeBrowsingActivationThrottle() {} | 37 ~SubresourceFilterSafeBrowsingActivationThrottle() { |
| 38 // TODO(csharrison): Log metrics based on check_results_. | |
| 39 } | |
| 40 | |
| 41 content::NavigationThrottle::ThrottleCheckResult | |
| 42 SubresourceFilterSafeBrowsingActivationThrottle::WillStartRequest() { | |
| 43 CheckUrl(); | |
| 44 return content::NavigationThrottle::ThrottleCheckResult::PROCEED; | |
| 45 } | |
| 46 | |
| 47 content::NavigationThrottle::ThrottleCheckResult | |
| 48 SubresourceFilterSafeBrowsingActivationThrottle::WillRedirectRequest() { | |
| 49 CheckUrl(); | |
| 50 return content::NavigationThrottle::ThrottleCheckResult::PROCEED; | |
| 51 } | |
| 114 | 52 |
| 115 content::NavigationThrottle::ThrottleCheckResult | 53 content::NavigationThrottle::ThrottleCheckResult |
| 116 SubresourceFilterSafeBrowsingActivationThrottle::WillProcessResponse() { | 54 SubresourceFilterSafeBrowsingActivationThrottle::WillProcessResponse() { |
| 117 io_task_runner_->PostTask( | 55 // No need to defer the navigation if the check already happened. |
| 118 FROM_HERE, base::Bind(&SubresourceFilterSafeBrowsingActivationThrottle:: | 56 if (check_results_.back().finished) { |
| 119 SBDatabaseClient::CheckUrlOnIO, | 57 NotifyResult(); |
| 120 base::Unretained(database_client_.get()), | 58 return content::NavigationThrottle::ThrottleCheckResult::PROCEED; |
| 121 navigation_handle()->GetURL())); | 59 } |
| 60 defer_time_ = base::TimeTicks::Now(); | |
| 122 return content::NavigationThrottle::ThrottleCheckResult::DEFER; | 61 return content::NavigationThrottle::ThrottleCheckResult::DEFER; |
| 123 } | 62 } |
| 124 | 63 |
| 125 const char* | 64 const char* |
| 126 SubresourceFilterSafeBrowsingActivationThrottle::GetNameForLogging() { | 65 SubresourceFilterSafeBrowsingActivationThrottle::GetNameForLogging() { |
| 127 return "SubresourceFilterSafeBrowsingActivationThrottle"; | 66 return "SubresourceFilterSafeBrowsingActivationThrottle"; |
| 128 } | 67 } |
| 129 | 68 |
| 130 void SubresourceFilterSafeBrowsingActivationThrottle::OnCheckUrlResultOnUI( | 69 void SubresourceFilterSafeBrowsingActivationThrottle::OnCheckUrlResultOnUI( |
| 131 const GURL& url, | 70 const GURL& url, |
|
engedy
2017/04/25 22:03:53
nit: |url| never used
Charlie Harrison
2017/04/26 14:30:25
Done.
| |
| 71 size_t request_id, | |
| 132 safe_browsing::SBThreatType threat_type, | 72 safe_browsing::SBThreatType threat_type, |
| 133 safe_browsing::ThreatPatternType pattern_type) { | 73 safe_browsing::ThreatPatternType pattern_type) { |
| 74 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | |
| 75 DCHECK_LE(request_id, check_results_.size()); | |
|
engedy
2017/04/25 22:03:53
DCHECK_LT
Charlie Harrison
2017/04/26 14:30:25
Done.
| |
| 76 | |
| 77 CheckResult& result = check_results_[request_id]; | |
| 78 DCHECK(!result.finished); | |
| 79 result.threat_type = threat_type; | |
| 80 result.pattern_type = pattern_type; | |
| 81 result.finished = true; | |
| 82 | |
| 83 if (!defer_time_.is_null() && request_id == check_results_.size() - 1) { | |
| 84 NotifyResult(); | |
| 85 navigation_handle()->Resume(); | |
| 86 } | |
| 87 } | |
| 88 | |
| 89 void SubresourceFilterSafeBrowsingActivationThrottle::CheckUrl() { | |
|
engedy
2017/04/25 22:03:53
nit: Maybe CheckCurrentURL() or something more qua
Charlie Harrison
2017/04/26 14:30:25
Done.
| |
| 90 check_results_.emplace_back(); | |
| 91 int id = check_results_.size() - 1; | |
|
engedy
2017/04/25 22:03:53
nit: Let's make sure to use size_t consistently.
Charlie Harrison
2017/04/26 14:30:25
Done.
| |
| 92 io_task_runner_->PostTask( | |
| 93 FROM_HERE, base::Bind(&SubresourceFilterSafeBrowsingClient::CheckUrlOnIO, | |
| 94 base::Unretained(database_client_.get()), | |
|
Nathan Parker
2017/04/24 22:05:17
FYI the database_manager doesn't support multiple
engedy
2017/04/25 22:03:53
Yes, the CL creates new SBDBMgr::Clients, so we sh
| |
| 95 navigation_handle()->GetURL(), id)); | |
| 96 } | |
| 97 | |
| 98 void SubresourceFilterSafeBrowsingActivationThrottle::NotifyResult() { | |
| 134 content::WebContents* web_contents = navigation_handle()->GetWebContents(); | 99 content::WebContents* web_contents = navigation_handle()->GetWebContents(); |
| 135 if (web_contents) { | 100 if (!web_contents) |
| 136 using subresource_filter::ContentSubresourceFilterDriverFactory; | 101 return; |
| 137 ContentSubresourceFilterDriverFactory* driver_factory = | |
| 138 ContentSubresourceFilterDriverFactory::FromWebContents(web_contents); | |
| 139 DCHECK(driver_factory); | |
| 140 | 102 |
| 141 driver_factory->OnMainResourceMatchedSafeBrowsingBlacklist( | 103 using subresource_filter::ContentSubresourceFilterDriverFactory; |
| 142 url, std::vector<GURL>(), threat_type, pattern_type); | 104 |
| 143 } | 105 const CheckResult& result = check_results_.back(); |
| 144 // TODO(https://crbug.com/704508): We should measure the delay introduces by | 106 ContentSubresourceFilterDriverFactory* driver_factory = |
| 145 // this check. Similarly, as it's done the Safe Browsing Resource throttle. | 107 ContentSubresourceFilterDriverFactory::FromWebContents(web_contents); |
| 146 navigation_handle()->Resume(); | 108 DCHECK(driver_factory); |
| 109 | |
| 110 driver_factory->OnMainResourceMatchedSafeBrowsingBlacklist( | |
| 111 navigation_handle()->GetURL(), std::vector<GURL>(), result.threat_type, | |
| 112 result.pattern_type); | |
| 113 | |
| 114 base::TimeDelta delay = defer_time_.is_null() | |
| 115 ? base::TimeDelta::FromMilliseconds(0) | |
| 116 : base::TimeTicks::Now() - defer_time_; | |
| 117 UMA_HISTOGRAM_TIMES("SubresourceFilter.PageLoad.SafeBrowsingDelay", delay); | |
| 147 } | 118 } |
| 148 | 119 |
| 149 } // namespace subresource_filter | 120 } // namespace subresource_filter |
| OLD | NEW |
