| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h" |
| 6 |
| 7 #include "chrome/browser/prerender/prerender_contents.h" |
| 8 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 9 #include "content/public/browser/browser_thread.h" |
| 10 #include "content/public/browser/web_contents.h" |
| 11 #include "net/base/load_flags.h" |
| 12 |
| 13 namespace safe_browsing { |
| 14 namespace { |
| 15 |
| 16 // TODO(yzshen): Share such value with safe_browsing::BaseResourceThrottle. |
| 17 // Maximum time in milliseconds to wait for the SafeBrowsing service reputation |
| 18 // check. After this amount of time the outstanding check will be aborted, and |
| 19 // the resource will be treated as if it were safe. |
| 20 const int kCheckUrlTimeoutMs = 5000; |
| 21 |
| 22 } // namespace |
| 23 |
| 24 SafeBrowsingUrlCheckerImpl::SafeBrowsingUrlCheckerImpl( |
| 25 int load_flags, |
| 26 content::ResourceType resource_type, |
| 27 scoped_refptr<SafeBrowsingDatabaseManager> database_manager, |
| 28 scoped_refptr<SafeBrowsingUIManager> ui_manager, |
| 29 const base::Callback<content::WebContents*()>& web_contents_getter) |
| 30 : load_flags_(load_flags), |
| 31 resource_type_(resource_type), |
| 32 web_contents_getter_(web_contents_getter), |
| 33 database_manager_(std::move(database_manager)), |
| 34 ui_manager_(std::move(ui_manager)), |
| 35 weak_factory_(this) {} |
| 36 |
| 37 SafeBrowsingUrlCheckerImpl::~SafeBrowsingUrlCheckerImpl() { |
| 38 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
| 39 |
| 40 if (state_ == STATE_CHECKING_URL) |
| 41 database_manager_->CancelCheck(this); |
| 42 |
| 43 for (size_t i = next_index_; i < callbacks_.size(); ++i) |
| 44 std::move(callbacks_[i]).Run(false); |
| 45 } |
| 46 |
| 47 void SafeBrowsingUrlCheckerImpl::CheckUrl(const GURL& url, |
| 48 CheckUrlCallback callback) { |
| 49 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
| 50 |
| 51 DVLOG(1) << "SafeBrowsingUrlCheckerImpl checks URL: " << url; |
| 52 urls_.push_back(url); |
| 53 callbacks_.push_back(std::move(callback)); |
| 54 |
| 55 ProcessUrls(); |
| 56 } |
| 57 |
| 58 void SafeBrowsingUrlCheckerImpl::OnCheckBrowseUrlResult( |
| 59 const GURL& url, |
| 60 SBThreatType threat_type, |
| 61 const ThreatMetadata& metadata) { |
| 62 DCHECK_EQ(STATE_CHECKING_URL, state_); |
| 63 DCHECK_LT(next_index_, urls_.size()); |
| 64 DCHECK_EQ(urls_[next_index_], url); |
| 65 |
| 66 timer_.Stop(); |
| 67 if (threat_type == SB_THREAT_TYPE_SAFE) { |
| 68 state_ = STATE_NONE; |
| 69 std::move(callbacks_[next_index_]).Run(true); |
| 70 next_index_++; |
| 71 ProcessUrls(); |
| 72 return; |
| 73 } |
| 74 |
| 75 if (load_flags_ & net::LOAD_PREFETCH) { |
| 76 // TODO(yzshen): Destroy prerender contents if necessary. |
| 77 |
| 78 BlockAndProcessUrls(); |
| 79 return; |
| 80 } |
| 81 |
| 82 security_interstitials::UnsafeResource resource; |
| 83 resource.url = url; |
| 84 resource.original_url = urls_[0]; |
| 85 if (urls_.size() > 1) |
| 86 resource.redirect_urls = std::vector<GURL>(urls_.begin() + 1, urls_.end()); |
| 87 resource.is_subresource = resource_type_ != content::RESOURCE_TYPE_MAIN_FRAME; |
| 88 resource.is_subframe = resource_type_ == content::RESOURCE_TYPE_SUB_FRAME; |
| 89 resource.threat_type = threat_type; |
| 90 resource.threat_metadata = metadata; |
| 91 resource.callback = |
| 92 base::Bind(&SafeBrowsingUrlCheckerImpl::OnBlockingPageComplete, |
| 93 weak_factory_.GetWeakPtr()); |
| 94 resource.callback_thread = content::BrowserThread::GetTaskRunnerForThread( |
| 95 content::BrowserThread::IO); |
| 96 resource.web_contents_getter = web_contents_getter_; |
| 97 resource.threat_source = database_manager_->GetThreatSource(); |
| 98 |
| 99 state_ = STATE_DISPLAYING_BLOCKING_PAGE; |
| 100 |
| 101 content::BrowserThread::PostTask( |
| 102 content::BrowserThread::UI, FROM_HERE, |
| 103 base::Bind(&SafeBrowsingUrlCheckerImpl::StartDisplayingBlockingPage, |
| 104 weak_factory_.GetWeakPtr(), ui_manager_, resource)); |
| 105 } |
| 106 |
| 107 // static |
| 108 void SafeBrowsingUrlCheckerImpl::StartDisplayingBlockingPage( |
| 109 const base::WeakPtr<SafeBrowsingUrlCheckerImpl>& checker, |
| 110 scoped_refptr<BaseUIManager> ui_manager, |
| 111 const security_interstitials::UnsafeResource& resource) { |
| 112 content::WebContents* web_contents = resource.web_contents_getter.Run(); |
| 113 if (web_contents) { |
| 114 prerender::PrerenderContents* prerender_contents = |
| 115 prerender::PrerenderContents::FromWebContents(web_contents); |
| 116 if (prerender_contents) { |
| 117 prerender_contents->Destroy(prerender::FINAL_STATUS_SAFE_BROWSING); |
| 118 } else { |
| 119 ui_manager->DisplayBlockingPage(resource); |
| 120 return; |
| 121 } |
| 122 } |
| 123 |
| 124 // Tab is gone or it's being prerendered. |
| 125 content::BrowserThread::PostTask( |
| 126 content::BrowserThread::IO, FROM_HERE, |
| 127 base::BindOnce(&SafeBrowsingUrlCheckerImpl::BlockAndProcessUrls, |
| 128 checker)); |
| 129 } |
| 130 |
| 131 void SafeBrowsingUrlCheckerImpl::OnCheckUrlTimeout() { |
| 132 database_manager_->CancelCheck(this); |
| 133 |
| 134 OnCheckBrowseUrlResult(urls_[next_index_], safe_browsing::SB_THREAT_TYPE_SAFE, |
| 135 ThreatMetadata()); |
| 136 } |
| 137 |
| 138 void SafeBrowsingUrlCheckerImpl::ProcessUrls() { |
| 139 DCHECK_NE(STATE_BLOCKED, state_); |
| 140 |
| 141 if (state_ == STATE_CHECKING_URL || |
| 142 state_ == STATE_DISPLAYING_BLOCKING_PAGE) { |
| 143 return; |
| 144 } |
| 145 |
| 146 while (next_index_ < urls_.size()) { |
| 147 DCHECK_EQ(STATE_NONE, state_); |
| 148 // TODO(yzshen): Consider moving CanCheckResourceType() to the renderer |
| 149 // side. That would save some IPCs. It requires a method on the |
| 150 // SafeBrowsing mojo interface to query all supported resource types. |
| 151 if (!database_manager_->CanCheckResourceType(resource_type_) || |
| 152 database_manager_->CheckBrowseUrl(urls_[next_index_], this)) { |
| 153 std::move(callbacks_[next_index_]).Run(true); |
| 154 next_index_++; |
| 155 continue; |
| 156 } |
| 157 |
| 158 state_ = STATE_CHECKING_URL; |
| 159 // Start a timer to abort the check if it takes too long. |
| 160 timer_.Start(FROM_HERE, |
| 161 base::TimeDelta::FromMilliseconds(kCheckUrlTimeoutMs), this, |
| 162 &SafeBrowsingUrlCheckerImpl::OnCheckUrlTimeout); |
| 163 |
| 164 break; |
| 165 } |
| 166 } |
| 167 |
| 168 void SafeBrowsingUrlCheckerImpl::BlockAndProcessUrls() { |
| 169 DVLOG(1) << "SafeBrowsingUrlCheckerImpl blocks URL: " << urls_[next_index_]; |
| 170 state_ = STATE_BLOCKED; |
| 171 |
| 172 // If user decided to not proceed through a warning, mark all the remaining |
| 173 // redirects as "bad". |
| 174 for (; next_index_ < callbacks_.size(); ++next_index_) |
| 175 std::move(callbacks_[next_index_]).Run(false); |
| 176 } |
| 177 |
| 178 void SafeBrowsingUrlCheckerImpl::OnBlockingPageComplete(bool proceed) { |
| 179 DCHECK_EQ(STATE_DISPLAYING_BLOCKING_PAGE, state_); |
| 180 |
| 181 if (proceed) { |
| 182 state_ = STATE_NONE; |
| 183 std::move(callbacks_[next_index_]).Run(true); |
| 184 next_index_++; |
| 185 ProcessUrls(); |
| 186 } else { |
| 187 BlockAndProcessUrls(); |
| 188 } |
| 189 } |
| 190 |
| 191 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2924723002:
Network service: SafeBrowsing check for frame-resources from browser. (Closed)
