OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/loader/SubresourceFilter.h" | 5 #include "core/loader/SubresourceFilter.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
| 9 #include "core/dom/Document.h" |
9 #include "core/dom/TaskRunnerHelper.h" | 10 #include "core/dom/TaskRunnerHelper.h" |
| 11 #include "core/frame/LocalFrame.h" |
| 12 #include "core/inspector/ConsoleMessage.h" |
10 #include "platform/WebTaskRunner.h" | 13 #include "platform/WebTaskRunner.h" |
11 #include "platform/weborigin/KURL.h" | 14 #include "platform/weborigin/KURL.h" |
| 15 #include "platform/wtf/text/StringBuilder.h" |
12 #include "public/platform/WebTraceLocation.h" | 16 #include "public/platform/WebTraceLocation.h" |
13 | 17 |
14 namespace blink { | 18 namespace blink { |
15 | 19 |
| 20 namespace { |
| 21 |
| 22 String GetErrorStringForDisallowedLoad(const KURL& url) { |
| 23 // TODO(shivanisha): Update the string when finalized. |
| 24 StringBuilder builder; |
| 25 builder.Append("Subresource filtering disallowed loading this resource, "); |
| 26 builder.Append(url.GetString()); |
| 27 builder.Append("."); |
| 28 return builder.ToString(); |
| 29 } |
| 30 |
| 31 } // namespace |
| 32 |
16 // static | 33 // static |
17 SubresourceFilter* SubresourceFilter::Create( | 34 SubresourceFilter* SubresourceFilter::Create( |
18 DocumentLoader* loader, | 35 DocumentLoader* loader, |
19 std::unique_ptr<WebDocumentSubresourceFilter> filter) { | 36 std::unique_ptr<WebDocumentSubresourceFilter> filter) { |
20 return new SubresourceFilter(loader, std::move(filter)); | 37 return new SubresourceFilter(loader, std::move(filter)); |
21 } | 38 } |
22 | 39 |
23 SubresourceFilter::SubresourceFilter( | 40 SubresourceFilter::SubresourceFilter( |
24 DocumentLoader* document_loader, | 41 DocumentLoader* document_loader, |
25 std::unique_ptr<WebDocumentSubresourceFilter> subresource_filter) | 42 std::unique_ptr<WebDocumentSubresourceFilter> subresource_filter) |
26 : document_loader_(document_loader), | 43 : document_loader_(document_loader), |
27 subresource_filter_(std::move(subresource_filter)) {} | 44 subresource_filter_(std::move(subresource_filter)) {} |
28 | 45 |
29 SubresourceFilter::~SubresourceFilter() {} | 46 SubresourceFilter::~SubresourceFilter() {} |
30 | 47 |
31 bool SubresourceFilter::AllowLoad( | 48 bool SubresourceFilter::AllowLoad( |
32 const KURL& resource_url, | 49 const KURL& resource_url, |
33 WebURLRequest::RequestContext request_context, | 50 WebURLRequest::RequestContext request_context, |
34 SecurityViolationReportingPolicy reporting_policy) { | 51 SecurityViolationReportingPolicy reporting_policy) { |
35 // TODO(csharrison): Implement a caching layer here which is a HashMap of | 52 // TODO(csharrison): Implement a caching layer here which is a HashMap of |
36 // Pair<url string, context> -> LoadPolicy. | 53 // Pair<url string, context> -> LoadPolicy. |
37 WebDocumentSubresourceFilter::LoadPolicy load_policy = | 54 WebDocumentSubresourceFilter::LoadPolicy load_policy = |
38 subresource_filter_->GetLoadPolicy(resource_url, request_context); | 55 subresource_filter_->GetLoadPolicy(resource_url, request_context); |
| 56 |
39 if (reporting_policy == SecurityViolationReportingPolicy::kReport) | 57 if (reporting_policy == SecurityViolationReportingPolicy::kReport) |
40 ReportLoad(load_policy); | 58 ReportLoad(resource_url, load_policy); |
41 return load_policy != WebDocumentSubresourceFilter::kDisallow; | 59 return load_policy != WebDocumentSubresourceFilter::kDisallow; |
42 } | 60 } |
43 | 61 |
44 bool SubresourceFilter::AllowWebSocketConnection(const KURL& url) { | 62 bool SubresourceFilter::AllowWebSocketConnection(const KURL& url) { |
45 WebDocumentSubresourceFilter::LoadPolicy load_policy = | 63 WebDocumentSubresourceFilter::LoadPolicy load_policy = |
46 subresource_filter_->GetLoadPolicyForWebSocketConnect(url); | 64 subresource_filter_->GetLoadPolicyForWebSocketConnect(url); |
47 | 65 |
48 // Post a task to notify this load to avoid unduly blocking the worker | 66 // Post a task to notify this load to avoid unduly blocking the worker |
49 // thread. Note that this unconditionally calls reportLoad unlike allowLoad, | 67 // thread. Note that this unconditionally calls reportLoad unlike allowLoad, |
50 // because there aren't developer-invisible connections (like speculative | 68 // because there aren't developer-invisible connections (like speculative |
51 // preloads) happening here. | 69 // preloads) happening here. |
52 RefPtr<WebTaskRunner> task_runner = TaskRunnerHelper::Get( | 70 RefPtr<WebTaskRunner> task_runner = TaskRunnerHelper::Get( |
53 TaskType::kNetworking, document_loader_->GetFrame()); | 71 TaskType::kNetworking, document_loader_->GetFrame()); |
54 DCHECK(task_runner->RunsTasksOnCurrentThread()); | 72 DCHECK(task_runner->RunsTasksOnCurrentThread()); |
55 task_runner->PostTask(BLINK_FROM_HERE, | 73 task_runner->PostTask(BLINK_FROM_HERE, |
56 WTF::Bind(&SubresourceFilter::ReportLoad, | 74 WTF::Bind(&SubresourceFilter::ReportLoad, |
57 WrapPersistent(this), load_policy)); | 75 WrapPersistent(this), url, load_policy)); |
58 return load_policy != WebDocumentSubresourceFilter::kDisallow; | 76 return load_policy != WebDocumentSubresourceFilter::kDisallow; |
59 } | 77 } |
60 | 78 |
61 void SubresourceFilter::ReportLoad( | 79 void SubresourceFilter::ReportLoad( |
| 80 const KURL& resource_url, |
62 WebDocumentSubresourceFilter::LoadPolicy load_policy) { | 81 WebDocumentSubresourceFilter::LoadPolicy load_policy) { |
| 82 Document* document = document_loader_->GetFrame() |
| 83 ? document_loader_->GetFrame()->GetDocument() |
| 84 : nullptr; |
63 switch (load_policy) { | 85 switch (load_policy) { |
64 case WebDocumentSubresourceFilter::kAllow: | 86 case WebDocumentSubresourceFilter::kAllow: |
65 break; | 87 break; |
66 case WebDocumentSubresourceFilter::kDisallow: | 88 case WebDocumentSubresourceFilter::kDisallow: |
67 subresource_filter_->ReportDisallowedLoad(); | 89 subresource_filter_->ReportDisallowedLoad(); |
| 90 |
| 91 // Display console message for actually blocked resource. For a |
| 92 // resource with |load_policy| as kWouldDisallow, we will be logging a |
| 93 // document wide console message, so no need to log it here. |
| 94 // TODO: Consider logging this as a kInterventionMessageSource for showing |
| 95 // warning in Lighthouse. |
| 96 if (document && subresource_filter_->ShouldLogToConsole()) { |
| 97 document->AddConsoleMessage(ConsoleMessage::Create( |
| 98 kOtherMessageSource, kErrorMessageLevel, |
| 99 GetErrorStringForDisallowedLoad(resource_url))); |
| 100 } |
68 // fall through | 101 // fall through |
69 case WebDocumentSubresourceFilter::kWouldDisallow: | 102 case WebDocumentSubresourceFilter::kWouldDisallow: |
70 // TODO(csharrison): log console errors here based on | |
71 // subresource_filter_->ShouldLogToConsole(). | |
72 document_loader_->DidObserveLoadingBehavior( | 103 document_loader_->DidObserveLoadingBehavior( |
73 kWebLoadingBehaviorSubresourceFilterMatch); | 104 kWebLoadingBehaviorSubresourceFilterMatch); |
74 break; | 105 break; |
75 } | 106 } |
76 } | 107 } |
77 | 108 |
78 } // namespace blink | 109 } // namespace blink |
OLD | NEW |