net/base/sdch_manager.cc - Issue 423813002: Sdch view for net-internals

Unified Diff: net/base/sdch_manager.cc

Issue 423813002: Sdch view for net-internals (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Change comments and netlog field name Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/sdch_manager.cc

diff --git a/net/base/sdch_manager.cc b/net/base/sdch_manager.cc

index fee75e58f2fd11170213447a1fc911547e261ab4..b744334b9dd800a3354d14a0a978bcbd29a0939d 100644

--- a/net/base/sdch_manager.cc

+++ b/net/base/sdch_manager.cc

@@ -9,6 +9,7 @@

#include "base/metrics/histogram.h"

#include "base/strings/string_number_conversions.h"

#include "base/strings/string_util.h"

+#include "base/values.h"

#include "crypto/sha2.h"

#include "net/base/registry_controlled_domains/registry_controlled_domain.h"

#include "net/url_request/url_request_http_job.h"

@@ -36,6 +37,10 @@ bool SdchManager::g_sdch_enabled_ = true;

bool SdchManager::g_secure_scheme_supported_ = false;

//------------------------------------------------------------------------------

+SdchManager::AddResult::AddResult() : added(false), problem(PROBLEM_CODE_OK) {

SdchManager::Dictionary::Dictionary(const std::string& dictionary_text,

size_t offset,

const std::string& client_hash,

@@ -56,7 +61,7 @@ SdchManager::Dictionary::Dictionary(const std::string& dictionary_text,

SdchManager::Dictionary::~Dictionary() {

}

-bool SdchManager::Dictionary::CanAdvertise(const GURL& target_url) {

+bool SdchManager::Dictionary::CanAdvertise(const GURL& target_url) const {

/* The specific rules of when a dictionary should be advertised in an

Avail-Dictionary header are modeled after the rules for cookie scoping. The

terms "domain-match" and "pathmatch" are defined in RFC 2965 [6]. A

@@ -87,14 +92,32 @@ bool SdchManager::Dictionary::CanAdvertise(const GURL& target_url) {

return true;

}

+base::DictionaryValue* SdchManager::Dictionary::DictionaryInfoToValue() const {

+ base::DictionaryValue* value = new base::DictionaryValue();

+ value->SetString("url", url_.spec());

+ value->SetString("client_hash", client_hash_);

+ value->SetString("domain", domain_);

+ value->SetString("path", path_);

+ value->SetString("expiration",

+ base::Int64ToString(expiration_.ToInternalValue()));

+ base::ListValue* port_list = new base::ListValue();

+ for (std::set<int>::const_iterator it = ports_.begin(); it != ports_.end();

+ ++it) {

+ port_list->AppendInteger(*it);

+ }

+ value->Set("ports", port_list);

+ return value;

//------------------------------------------------------------------------------

// Security functions restricting loads and use of dictionaries.

// static

-bool SdchManager::Dictionary::CanSet(const std::string& domain,

- const std::string& path,

- const std::set<int>& ports,

- const GURL& dictionary_url) {

+SdchManager::ProblemCodes SdchManager::Dictionary::CanSet(

+ const std::string& domain,

+ const std::string& path,

+ const std::set<int>& ports,

+ const GURL& dictionary_url) {

A dictionary is invalid and must not be stored if any of the following are

true:

@@ -113,20 +136,16 @@ bool SdchManager::Dictionary::CanSet(const std::string& domain,

// and hence the conservative approach is to not allow any redirects (if there

// were any... then don't allow the dictionary to be set).

- if (domain.empty()) {

- SdchErrorRecovery(DICTIONARY_MISSING_DOMAIN_SPECIFIER);

- return false; // Domain is required.

- }

+ if (domain.empty())

+ return DICTIONARY_MISSING_DOMAIN_SPECIFIER; // Domain is required.

if (registry_controlled_domains::GetDomainAndRegistry(

- domain,

- registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES).empty()) {

- SdchErrorRecovery(DICTIONARY_SPECIFIES_TOP_LEVEL_DOMAIN);

- return false; // domain was a TLD.

- }

- if (!Dictionary::DomainMatch(dictionary_url, domain)) {

- SdchErrorRecovery(DICTIONARY_DOMAIN_NOT_MATCHING_SOURCE_URL);

- return false;

- }

+ domain, registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)

+ .empty())

+ return DICTIONARY_SPECIFIES_TOP_LEVEL_DOMAIN; // domain was a TLD.

+ if (!Dictionary::DomainMatch(dictionary_url, domain))

+ return DICTIONARY_DOMAIN_NOT_MATCHING_SOURCE_URL;

std::string referrer_url_host = dictionary_url.host();

size_t postfix_domain_index = referrer_url_host.rfind(domain);

@@ -134,23 +153,19 @@ bool SdchManager::Dictionary::CanSet(const std::string& domain,

if (referrer_url_host.size() == postfix_domain_index + domain.size()) {

// It is a postfix... so check to see if there's a dot in the prefix.

size_t end_of_host_index = referrer_url_host.find_first_of('.');

- if (referrer_url_host.npos != end_of_host_index &&

- end_of_host_index < postfix_domain_index) {

- SdchErrorRecovery(DICTIONARY_REFERER_URL_HAS_DOT_IN_PREFIX);

- return false;

- }

+ if (referrer_url_host.npos != end_of_host_index &&

+ end_of_host_index < postfix_domain_index)

+ return DICTIONARY_REFERER_URL_HAS_DOT_IN_PREFIX;

}

- if (!ports.empty()

- && 0 == ports.count(dictionary_url.EffectiveIntPort())) {

- SdchErrorRecovery(DICTIONARY_PORT_NOT_MATCHING_SOURCE_URL);

- return false;

- }

- return true;

+ if (!ports.empty() && 0 == ports.count(dictionary_url.EffectiveIntPort()))

+ return DICTIONARY_PORT_NOT_MATCHING_SOURCE_URL;

+ return PROBLEM_CODE_OK;

}

-// static

-bool SdchManager::Dictionary::CanUse(const GURL& referring_url) {

+SdchManager::ProblemCodes SdchManager::Dictionary::CanUse(

+ const GURL& referring_url) const {

1. The request URL's host name domain-matches the Domain attribute of the

dictionary.

@@ -162,39 +177,30 @@ bool SdchManager::Dictionary::CanUse(const GURL& referring_url) {

HTTPS support AND the dictionary acquisition scheme matches the target

url scheme.

- if (!DomainMatch(referring_url, domain_)) {

- SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_DOMAIN);

- return false;

- }

- if (!ports_.empty()

- && 0 == ports_.count(referring_url.EffectiveIntPort())) {

- SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PORT_LIST);

- return false;

- }

- if (path_.size() && !PathMatch(referring_url.path(), path_)) {

- SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PATH);

- return false;

- }

- if (!SdchManager::secure_scheme_supported() &&

- referring_url.SchemeIsSecure()) {

- SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_SCHEME);

- return false;

- }

- if (referring_url.SchemeIsSecure() != url_.SchemeIsSecure()) {

- SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_SCHEME);

- return false;

- }

+ if (!DomainMatch(referring_url, domain_))

+ return DICTIONARY_FOUND_HAS_WRONG_DOMAIN;

+ if (!ports_.empty() && 0 == ports_.count(referring_url.EffectiveIntPort()))

+ return DICTIONARY_FOUND_HAS_WRONG_PORT_LIST;

+ if (path_.size() && !PathMatch(referring_url.path(), path_))

+ return DICTIONARY_FOUND_HAS_WRONG_PATH;

+ if (!SdchManager::secure_scheme_supported() && referring_url.SchemeIsSecure())

+ return DICTIONARY_FOUND_HAS_WRONG_SCHEME;

+ if (referring_url.SchemeIsSecure() != url_.SchemeIsSecure())

+ return DICTIONARY_FOUND_HAS_WRONG_SCHEME;

// TODO(jar): Remove overly restrictive failsafe test (added per security

// review) when we have a need to be more general.

- if (!referring_url.SchemeIsHTTPOrHTTPS()) {

- SdchErrorRecovery(ATTEMPT_TO_DECODE_NON_HTTP_DATA);

- return false;

- }

+ if (!referring_url.SchemeIsHTTPOrHTTPS())

+ return ATTEMPT_TO_DECODE_NON_HTTP_DATA;

- return true;

+ return PROBLEM_CODE_OK;

}

+// static

bool SdchManager::Dictionary::PathMatch(const std::string& path,

const std::string& restriction) {

/* Must be either:

@@ -315,38 +321,62 @@ int SdchManager::BlacklistDomainExponential(const std::string& domain) {

bool SdchManager::IsInSupportedDomain(const GURL& url) {

DCHECK(CalledOnValidThread());

+ if (!IsSdchEnabledForUrl(url))

baranovich 2014/08/02 21:17:24 I've split this method into two for 2 reasons: 1)

+ return false;

+ if (IsInBlacklistedDomain(url)) {

+ SdchErrorRecovery(DOMAIN_BLACKLIST_INCLUDES_TARGET);

+ return false;

+ }

+ return true;

+// static

+bool SdchManager::IsSdchEnabledForUrl(const GURL& url) {

if (!g_sdch_enabled_ )

return false;

if (!secure_scheme_supported() && url.SchemeIsSecure())

return false;

+ return true;

+bool SdchManager::IsInBlacklistedDomain(const GURL& url) {

if (blacklisted_domains_.empty())

- return true;

+ return false;

std::string domain(StringToLowerASCII(url.host()));

DomainCounter::iterator it = blacklisted_domains_.find(domain);

if (blacklisted_domains_.end() == it)

- return true;

+ return false;

int count = it->second - 1;

if (count > 0)

blacklisted_domains_[domain] = count;

else

blacklisted_domains_.erase(domain);

- SdchErrorRecovery(DOMAIN_BLACKLIST_INCLUDES_TARGET);

- return false;

+ return true;

}

-void SdchManager::FetchDictionary(const GURL& request_url,

- const GURL& dictionary_url) {

+SdchManager::ProblemCodes SdchManager::FetchDictionary(

+ const GURL& request_url,

+ const GURL& dictionary_url) {

DCHECK(CalledOnValidThread());

- if (CanFetchDictionary(request_url, dictionary_url) && fetcher_.get())

+ ProblemCodes rv = CanFetchDictionary(request_url, dictionary_url);

+ if (rv != PROBLEM_CODE_OK)

+ return rv;

+ if (fetcher_.get())

fetcher_->Schedule(dictionary_url);

+ return PROBLEM_CODE_OK;

}

-bool SdchManager::CanFetchDictionary(const GURL& referring_url,

- const GURL& dictionary_url) const {

+SdchManager::ProblemCodes SdchManager::CanFetchDictionary(

+ const GURL& referring_url,

+ const GURL& dictionary_url) const {

DCHECK(CalledOnValidThread());

/* The user agent may retrieve a dictionary from the dictionary URL if all of

the following are true:

@@ -361,34 +391,31 @@ bool SdchManager::CanFetchDictionary(const GURL& referring_url,

// Item (1) above implies item (2). Spec should be updated.

// I take "host name match" to be "is identical to"

if (referring_url.host() != dictionary_url.host() ||

- referring_url.scheme() != dictionary_url.scheme()) {

- SdchErrorRecovery(DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST);

- return false;

- }

- if (!secure_scheme_supported() && referring_url.SchemeIsSecure()) {

- SdchErrorRecovery(DICTIONARY_SELECTED_FOR_SSL);

- return false;

- }

+ referring_url.scheme() != dictionary_url.scheme())

+ return DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST;

+ if (!secure_scheme_supported() && referring_url.SchemeIsSecure())

+ return DICTIONARY_SELECTED_FOR_SSL;

// TODO(jar): Remove this failsafe conservative hack which is more restrictive

// than current SDCH spec when needed, and justified by security audit.

- if (!referring_url.SchemeIsHTTPOrHTTPS()) {

- SdchErrorRecovery(DICTIONARY_SELECTED_FROM_NON_HTTP);

- return false;

- }

+ if (!referring_url.SchemeIsHTTPOrHTTPS())

+ return DICTIONARY_SELECTED_FROM_NON_HTTP;

- return true;

+ return PROBLEM_CODE_OK;

}

-bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

+SdchManager::AddResult SdchManager::AddSdchDictionary(

+ const std::string& dictionary_text,

const GURL& dictionary_url) {

DCHECK(CalledOnValidThread());

std::string client_hash;

std::string server_hash;

GenerateHash(dictionary_text, &client_hash, &server_hash);

+ AddResult rv;

if (dictionaries_.find(server_hash) != dictionaries_.end()) {

- SdchErrorRecovery(DICTIONARY_ALREADY_LOADED);

- return false; // Already loaded.

+ rv.problem = DICTIONARY_ALREADY_LOADED; // Already loaded.

+ return rv;

}

std::string domain, path;

@@ -396,15 +423,16 @@ bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

base::Time expiration(base::Time::Now() + base::TimeDelta::FromDays(30));

if (dictionary_text.empty()) {

- SdchErrorRecovery(DICTIONARY_HAS_NO_TEXT);

- return false; // Missing header.

+ rv.problem = DICTIONARY_HAS_NO_TEXT; // Empty response.

+ return rv;

}

size_t header_end = dictionary_text.find("\n\n");

if (std::string::npos == header_end) {

- SdchErrorRecovery(DICTIONARY_HAS_NO_HEADER);

- return false; // Missing header.

+ rv.problem = DICTIONARY_HAS_NO_HEADER; // Missing header.

+ return rv;

}

size_t line_start = 0; // Start of line being parsed.

while (1) {

size_t line_end = dictionary_text.find('\n', line_start);

@@ -413,8 +441,9 @@ bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

size_t colon_index = dictionary_text.find(':', line_start);

if (std::string::npos == colon_index) {

- SdchErrorRecovery(DICTIONARY_HEADER_LINE_MISSING_COLON);

- return false; // Illegal line missing a colon.

+ // Illegal line missing a colon.

+ rv.problem = DICTIONARY_HEADER_LINE_MISSING_COLON;

+ return rv;

}

if (colon_index > line_end)

@@ -433,8 +462,10 @@ bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

} else if (name == "path") {

path = value;

} else if (name == "format-version") {

- if (value != "1.0")

- return false;

+ if (value != "1.0") {

+ // TODO(baranovich): add problem code to track unsupported versions?

+ return rv;

+ }

} else if (name == "max-age") {

int64 seconds;

base::StringToInt64(value, &seconds);

@@ -452,23 +483,31 @@ bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

line_start = line_end + 1;

}

- if (!IsInSupportedDomain(dictionary_url))

- return false;

+ if (!IsSdchEnabledForUrl(dictionary_url))

+ return rv;

- if (!Dictionary::CanSet(domain, path, ports, dictionary_url))

- return false;

+ if (IsInBlacklistedDomain(dictionary_url)) {

+ rv.problem = DOMAIN_BLACKLIST_INCLUDES_TARGET;

+ return rv;

+ }

+ ProblemCodes err = Dictionary::CanSet(domain, path, ports, dictionary_url);

+ if (err != PROBLEM_CODE_OK) {

+ rv.problem = err;

+ return rv;

+ }

// TODO(jar): Remove these hacks to preclude a DOS attack involving piles of

// useless dictionaries. We should probably have a cache eviction plan,

// instead of just blocking additions. For now, with the spec in flux, it

// is probably not worth doing eviction handling.

if (kMaxDictionarySize < dictionary_text.size()) {

- SdchErrorRecovery(DICTIONARY_IS_TOO_LARGE);

- return false;

+ rv.problem = DICTIONARY_IS_TOO_LARGE;

+ return rv;

}

if (kMaxDictionaryCount <= dictionaries_.size()) {

- SdchErrorRecovery(DICTIONARY_COUNT_EXCEEDED);

- return false;

+ rv.problem = DICTIONARY_COUNT_EXCEEDED;

+ return rv;

}

UMA_HISTOGRAM_COUNTS("Sdch3.Dictionary size loaded", dictionary_text.size());

@@ -478,25 +517,32 @@ bool SdchManager::AddSdchDictionary(const std::string& dictionary_text,

new Dictionary(dictionary_text, header_end + 2, client_hash,

dictionary_url, domain, path, expiration, ports);

dictionaries_[server_hash] = dictionary;

- return true;

+ rv.added = true;

+ return rv;

}

-void SdchManager::GetVcdiffDictionary(

+SdchManager::ProblemCodes SdchManager::GetVcdiffDictionary(

const std::string& server_hash,

const GURL& referring_url,

scoped_refptr<Dictionary>* dictionary) {

DCHECK(CalledOnValidThread());

*dictionary = NULL;

DictionaryMap::iterator it = dictionaries_.find(server_hash);

- if (it == dictionaries_.end()) {

- return;

- }

+ if (it == dictionaries_.end())

+ return PROBLEM_CODE_OK; // not a problem. Just no dictionary.

scoped_refptr<Dictionary> matching_dictionary = it->second;

- if (!IsInSupportedDomain(referring_url))

- return;

- if (!matching_dictionary->CanUse(referring_url))

- return;

- *dictionary = matching_dictionary;

+ if (!IsSdchEnabledForUrl(referring_url))

+ return PROBLEM_CODE_OK; // not a problem. SDCH is disabled.

+ if (IsInBlacklistedDomain(referring_url))

+ return DOMAIN_BLACKLIST_INCLUDES_TARGET;

+ ProblemCodes rv = matching_dictionary->CanUse(referring_url);

+ if (rv == PROBLEM_CODE_OK)

+ *dictionary = matching_dictionary;

+ return rv;

}

// TODO(jar): If we have evictions from the dictionaries_, then we need to

@@ -508,8 +554,9 @@ void SdchManager::GetAvailDictionaryList(const GURL& target_url,

int count = 0;

for (DictionaryMap::iterator it = dictionaries_.begin();

it != dictionaries_.end(); ++it) {

- if (!IsInSupportedDomain(target_url))

+ if (!IsInSupportedDomain(target_url)) {

continue;

+ }

if (!it->second->CanAdvertise(target_url))

continue;

++count;

@@ -537,6 +584,37 @@ void SdchManager::GenerateHash(const std::string& dictionary_text,

DCHECK_EQ(client_hash->length(), 8u);

}

+base::Value* SdchManager::SdchInfoToValue() const {

+ base::DictionaryValue* value = new base::DictionaryValue();

+ value->SetBoolean("sdch_enabled", sdch_enabled());

+ value->SetBoolean("secure_scheme_support", secure_scheme_supported());

+ base::ListValue* entry_list = new base::ListValue();

+ for (DictionaryMap::const_iterator it = dictionaries_.begin();

+ it != dictionaries_.end();

+ ++it) {

+ base::DictionaryValue* entry_dict = it->second->DictionaryInfoToValue();

+ entry_dict->SetString("server_hash", it->first);

+ entry_list->Append(entry_dict);

+ }

+ value->Set("dictionaries", entry_list);

+ entry_list = new base::ListValue();

+ for (DomainCounter::const_iterator it = blacklisted_domains_.begin();

+ it != blacklisted_domains_.end();

+ ++it) {

+ base::DictionaryValue* entry_dict = new base::DictionaryValue();

+ entry_dict->SetString("domain", it->first);

+ if (it->second != INT_MAX)

+ entry_dict->SetInteger("tries", it->second);

+ entry_list->Append(entry_dict);

+ }

+ value->Set("blacklisted", entry_list);

+ return value;

//------------------------------------------------------------------------------

// Methods for supporting latency experiments.

@@ -555,6 +633,8 @@ void SdchManager::SetAllowLatencyExperiment(const GURL& url, bool enable) {

ExperimentSet::iterator it = allow_latency_experiment_.find(url.host());

if (allow_latency_experiment_.end() == it)

return; // It was already erased, or never allowed.

+ // Do not send error up. It's internal stuff, I guess.

SdchErrorRecovery(LATENCY_TEST_DISALLOWED);

allow_latency_experiment_.erase(it);

}

« net/base/sdch_manager.h ('K') | « net/base/sdch_manager.h ('k') | net/base/sdch_manager_unittest.cc » ('j') | net/filter/sdch_filter.h » ('J')