Chromium Code Reviews Chromium Code Reviews
Issue 338483002:
Chrome Participated Tamper Detect (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_TAMPER_DETE CT_H_ | |
| 6 #define COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_TAMPER_DETE CT_H_ | |
| 7 | |
| 8 #include "net/http/http_response_headers.h" | |
| 9 | |
| 10 namespace data_reduction_proxy { | |
| 11 | |
| 12 // Exported for unittest | |
| 13 // Check whether values of data reduction proxy's header Chrome-Proxy | |
| 14 // have been tampered or not. | |
| 15 // It takes two parameters as input, | |
| 16 // 1. fingerprint received from data reduction proxy | |
| 17 // 2. the response, a pointer to HttpResponseHeaders | |
| 18 // Returns true if it has been tampered. | |
| 19 bool CheckHeaderChromeProxy(const std::string, | |
|
bolian
2014/06/27 00:49:02
const std::string& here and others.
xingx
2014/06/27 16:34:37
Done.
| |
| 20 const net::HttpResponseHeaders*); | |
| 21 | |
| 22 // Exported for unittest. | |
| 23 // Check whether there are proxies/middleboxes between Chrome | |
| 24 // and data reduction proxy. Concretely, it checks whether there are other | |
| 25 // proxies/middleboxes' name after data reduction proxy's name in Via header. | |
| 26 // It takes two parameters as input, | |
| 27 // 1. fingerprint received from data reduction proxy | |
| 28 // 2. the response, a pointer to HttpResponseHeaders | |
| 29 // Returns true if there are. | |
| 30 bool CheckHeaderVia(const std::string, const net::HttpResponseHeaders*); | |
| 31 | |
| 32 // Exported for unittest. | |
| 33 // Check whether the values of a predefined list of headers have been tampered. | |
| 34 // It takes two parameters as input, | |
| 35 // 1. fingerprint received from data reduction proxy | |
| 36 // 2. the response, a pointer to HttpResponseHeaders | |
| 37 // Returns true if tamper detected for these headers. | |
| 38 bool CheckHeaderOtherHeaders(const std::string, | |
| 39 const net::HttpResponseHeaders*); | |
| 40 | |
| 41 // Exported for unittest. | |
| 42 // Check whether the Content-Length value is different from what | |
| 43 // data reduction proxy sees. This is an indicator that the response body | |
| 44 // have been modified. | |
| 45 // It takes two parameters as input, | |
| 46 // 1. fingerprint received from data reduction proxy | |
| 47 // 2. the response, a pointer to HttpResponseHeaders | |
| 48 // Returns true if different Content-Length value is observed. | |
| 49 bool CheckHeaderContentLength(const std::string, | |
| 50 const net::HttpResponseHeaders*); | |
| 51 | |
| 52 // The main function for detecting tamper. | |
| 53 // It takes two parameters as input, | |
| 54 // 1. a pointer to HttpResponseHeaders, | |
| 55 // 2. a boolean variable indicates whether the connection | |
| 56 // between Chrome and data reduction proxy is on HTTPS or not. | |
| 57 // For such response, the function checks whether there is a tamper detect | |
| 58 // request from data reduction proxy, if so, it checks whether there are | |
| 59 // tampers and report the results to UMA. | |
| 60 void CheckResponseFingerprint(const net::HttpResponseHeaders*, const bool); | |
| 61 | |
| 62 } // namespace data_reduction_proxy | |
| 63 #endif // COMPONENTS_DATA_REDUCTION_PROXY_BROWSER_DATA_REDUCTION_PROXY_TAMPER_D ETECT_H_ | |
| OLD | NEW |
