| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" | 5 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 history_service_observer_.Add(history_service); | 91 history_service_observer_.Add(history_service); |
| 92 } | 92 } |
| 93 | 93 |
| 94 PasswordProtectionService::~PasswordProtectionService() { | 94 PasswordProtectionService::~PasswordProtectionService() { |
| 95 tracker_.TryCancelAll(); | 95 tracker_.TryCancelAll(); |
| 96 CancelPendingRequests(); | 96 CancelPendingRequests(); |
| 97 history_service_observer_.RemoveAll(); | 97 history_service_observer_.RemoveAll(); |
| 98 weak_factory_.InvalidateWeakPtrs(); | 98 weak_factory_.InvalidateWeakPtrs(); |
| 99 } | 99 } |
| 100 | 100 |
| 101 void PasswordProtectionService::RecordPasswordReuse(const GURL& url) { | |
| 102 DCHECK_CURRENTLY_ON(BrowserThread::UI); | |
| 103 DCHECK(database_manager_); | |
| 104 bool* match_whitelist = new bool(false); | |
| 105 tracker_.PostTaskAndReply( | |
| 106 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get(), FROM_HERE, | |
| 107 base::Bind(&PasswordProtectionService::CheckCsdWhitelistOnIOThread, | |
| 108 base::Unretained(this), url, match_whitelist), | |
| 109 base::Bind(&PasswordProtectionService::OnMatchCsdWhiteListResult, | |
| 110 base::Unretained(this), base::Owned(match_whitelist))); | |
| 111 } | |
| 112 | |
| 113 void PasswordProtectionService::CheckCsdWhitelistOnIOThread( | 101 void PasswordProtectionService::CheckCsdWhitelistOnIOThread( |
| 114 const GURL& url, | 102 const GURL& url, |
| 115 bool* check_result) { | 103 bool* check_result) { |
| 116 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 104 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 117 *check_result = | 105 *check_result = |
| 118 url.is_valid() ? database_manager_->MatchCsdWhitelistUrl(url) : true; | 106 url.is_valid() ? database_manager_->MatchCsdWhitelistUrl(url) : true; |
| 119 } | 107 } |
| 120 | 108 |
| 121 LoginReputationClientResponse::VerdictType | 109 LoginReputationClientResponse::VerdictType |
| 122 PasswordProtectionService::GetCachedVerdict( | 110 PasswordProtectionService::GetCachedVerdict( |
| (...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 259 CONTENT_SETTINGS_TYPE_PASSWORD_PROTECTION, std::string(), | 247 CONTENT_SETTINGS_TYPE_PASSWORD_PROTECTION, std::string(), |
| 260 std::move(verdict_dictionary)); | 248 std::move(verdict_dictionary)); |
| 261 } | 249 } |
| 262 } | 250 } |
| 263 } | 251 } |
| 264 | 252 |
| 265 void PasswordProtectionService::StartRequest( | 253 void PasswordProtectionService::StartRequest( |
| 266 const GURL& main_frame_url, | 254 const GURL& main_frame_url, |
| 267 const GURL& password_form_action, | 255 const GURL& password_form_action, |
| 268 const GURL& password_form_frame_url, | 256 const GURL& password_form_frame_url, |
| 257 const std::string& saved_domain, |
| 269 LoginReputationClientRequest::TriggerType type) { | 258 LoginReputationClientRequest::TriggerType type) { |
| 270 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 259 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 271 scoped_refptr<PasswordProtectionRequest> request( | 260 scoped_refptr<PasswordProtectionRequest> request( |
| 272 new PasswordProtectionRequest(main_frame_url, password_form_action, | 261 new PasswordProtectionRequest(main_frame_url, password_form_action, |
| 273 password_form_frame_url, type, this, | 262 password_form_frame_url, saved_domain, type, |
| 274 GetRequestTimeoutInMS())); | 263 this, GetRequestTimeoutInMS())); |
| 275 DCHECK(request); | 264 DCHECK(request); |
| 276 request->Start(); | 265 request->Start(); |
| 277 requests_.insert(std::move(request)); | 266 requests_.insert(std::move(request)); |
| 278 } | 267 } |
| 279 | 268 |
| 280 void PasswordProtectionService::MaybeStartPasswordFieldOnFocusRequest( | 269 void PasswordProtectionService::MaybeStartPasswordFieldOnFocusRequest( |
| 281 const GURL& main_frame_url, | 270 const GURL& main_frame_url, |
| 282 const GURL& password_form_action, | 271 const GURL& password_form_action, |
| 283 const GURL& password_form_frame_url) { | 272 const GURL& password_form_frame_url) { |
| 284 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 273 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 285 RequestOutcome request_outcome; | 274 RequestOutcome request_outcome; |
| 286 if (!IsPingingEnabled(kPasswordFieldOnFocusPinging, &request_outcome)) { | 275 if (!IsPingingEnabled(kPasswordFieldOnFocusPinging, &request_outcome)) { |
| 287 RecordPingingDisabledReason(kPasswordFieldOnFocusPinging, request_outcome); | 276 RecordPingingDisabledReason(kPasswordFieldOnFocusPinging, request_outcome); |
| 288 return; | 277 return; |
| 289 } | 278 } |
| 290 | 279 |
| 291 // Skip URLs that we can't get a reliable reputation for. | 280 // Skip URLs that we can't get a reliable reputation for. |
| 292 if (!main_frame_url.is_valid() || !main_frame_url.SchemeIsHTTPOrHTTPS()) { | 281 if (!main_frame_url.is_valid() || !main_frame_url.SchemeIsHTTPOrHTTPS()) { |
| 293 return; | 282 return; |
| 294 } | 283 } |
| 295 | 284 |
| 296 StartRequest(main_frame_url, password_form_action, password_form_frame_url, | 285 StartRequest(main_frame_url, password_form_action, password_form_frame_url, |
| 286 std::string(), /* saved_domain: not used for this type */ |
| 297 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE); | 287 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE); |
| 298 } | 288 } |
| 299 | 289 |
| 290 void PasswordProtectionService::MaybeStartProtectedPasswordEntryRequest( |
| 291 const GURL& main_frame_url, |
| 292 const std::string& saved_domain) { |
| 293 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 294 RequestOutcome request_outcome; |
| 295 if (!IsPingingEnabled(kProtectedPasswordEntryPinging, &request_outcome)) { |
| 296 RecordPingingDisabledReason(kProtectedPasswordEntryPinging, |
| 297 request_outcome); |
| 298 return; |
| 299 } |
| 300 |
| 301 // Skip URLs that we can't get a reliable reputation for. |
| 302 if (!main_frame_url.is_valid() || !main_frame_url.SchemeIsHTTPOrHTTPS()) { |
| 303 return; |
| 304 } |
| 305 |
| 306 StartRequest(main_frame_url, GURL(), GURL(), saved_domain, |
| 307 LoginReputationClientRequest::PASSWORD_REUSE_EVENT); |
| 308 } |
| 309 |
| 300 void PasswordProtectionService::RequestFinished( | 310 void PasswordProtectionService::RequestFinished( |
| 301 PasswordProtectionRequest* request, | 311 PasswordProtectionRequest* request, |
| 302 std::unique_ptr<LoginReputationClientResponse> response) { | 312 std::unique_ptr<LoginReputationClientResponse> response) { |
| 303 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 313 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 304 | 314 |
| 305 DCHECK(request); | 315 DCHECK(request); |
| 306 // TODO(jialiul): We don't cache verdict for incognito mode for now. | 316 // TODO(jialiul): We don't cache verdict for incognito mode for now. |
| 307 // Later we may consider temporarily caching verdict. | 317 // Later we may consider temporarily caching verdict. |
| 308 if (response && !IsIncognito()) | 318 if (response && !IsIncognito()) |
| 309 CacheVerdict(request->main_frame_url(), response.get(), base::Time::Now()); | 319 CacheVerdict(request->main_frame_url(), response.get(), base::Time::Now()); |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 389 } | 399 } |
| 390 base::FieldTrial* password_entry_field_trial = | 400 base::FieldTrial* password_entry_field_trial = |
| 391 base::FeatureList::GetFieldTrial(kProtectedPasswordEntryPinging); | 401 base::FeatureList::GetFieldTrial(kProtectedPasswordEntryPinging); |
| 392 if (password_entry_field_trial) { | 402 if (password_entry_field_trial) { |
| 393 user_population->add_finch_active_groups( | 403 user_population->add_finch_active_groups( |
| 394 low_reputation_field_trial->trial_name() + "|" + | 404 low_reputation_field_trial->trial_name() + "|" + |
| 395 low_reputation_field_trial->group_name()); | 405 low_reputation_field_trial->group_name()); |
| 396 } | 406 } |
| 397 } | 407 } |
| 398 | 408 |
| 399 void PasswordProtectionService::OnMatchCsdWhiteListResult( | |
| 400 const bool* match_whitelist) { | |
| 401 UMA_HISTOGRAM_BOOLEAN( | |
| 402 "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist", | |
| 403 *match_whitelist); | |
| 404 } | |
| 405 | |
| 406 void PasswordProtectionService::OnURLsDeleted( | 409 void PasswordProtectionService::OnURLsDeleted( |
| 407 history::HistoryService* history_service, | 410 history::HistoryService* history_service, |
| 408 bool all_history, | 411 bool all_history, |
| 409 bool expired, | 412 bool expired, |
| 410 const history::URLRows& deleted_rows, | 413 const history::URLRows& deleted_rows, |
| 411 const std::set<GURL>& favicon_urls) { | 414 const std::set<GURL>& favicon_urls) { |
| 415 if (stored_verdict_count_ <= 0) |
| 416 return; |
| 417 |
| 412 BrowserThread::PostTask( | 418 BrowserThread::PostTask( |
| 413 BrowserThread::UI, FROM_HERE, | 419 BrowserThread::UI, FROM_HERE, |
| 414 base::Bind(&PasswordProtectionService::RemoveContentSettingsOnURLsDeleted, | 420 base::Bind(&PasswordProtectionService::RemoveContentSettingsOnURLsDeleted, |
| 415 GetWeakPtr(), all_history, deleted_rows)); | 421 GetWeakPtr(), all_history, deleted_rows)); |
| 416 } | 422 } |
| 417 | 423 |
| 418 void PasswordProtectionService::HistoryServiceBeingDeleted( | 424 void PasswordProtectionService::HistoryServiceBeingDeleted( |
| 419 history::HistoryService* history_service) { | 425 history::HistoryService* history_service) { |
| 420 history_service_observer_.RemoveAll(); | 426 history_service_observer_.RemoveAll(); |
| 421 } | 427 } |
| (...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 560 if (is_password_entry_ping) { | 566 if (is_password_entry_ping) { |
| 561 UMA_HISTOGRAM_ENUMERATION(kPasswordEntryRequestOutcomeHistogramName, reason, | 567 UMA_HISTOGRAM_ENUMERATION(kPasswordEntryRequestOutcomeHistogramName, reason, |
| 562 MAX_OUTCOME); | 568 MAX_OUTCOME); |
| 563 } else { | 569 } else { |
| 564 UMA_HISTOGRAM_ENUMERATION(kPasswordOnFocusRequestOutcomeHistogramName, | 570 UMA_HISTOGRAM_ENUMERATION(kPasswordOnFocusRequestOutcomeHistogramName, |
| 565 reason, MAX_OUTCOME); | 571 reason, MAX_OUTCOME); |
| 566 } | 572 } |
| 567 } | 573 } |
| 568 | 574 |
| 569 } // namespace safe_browsing | 575 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2878813002:
Trigger protected password entry request on password reuse event. (Closed)
