Safebrowsing download protection: handle data URIs

chrome/browser/safe_browsing/download_protection_service.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/safe_browsing/download_protection_service.h"
 
 #include "base/bind.h"
 #include "base/compiler_specific.h"
 #include "base/format_macros.h"
 #include "base/memory/scoped_ptr.h"
@@ skipping 19 matching lines @@
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_list.h"
 #include "chrome/common/safe_browsing/csd.pb.h"
 #include "chrome/common/safe_browsing/download_protection_util.h"
 #include "chrome/common/safe_browsing/zip_analyzer.h"
 #include "chrome/common/url_constants.h"
 #include "components/google/core/browser/google_util.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/download_item.h"
 #include "content/public/browser/page_navigator.h"
+#include "crypto/sha2.h"
 #include "google_apis/google_api_keys.h"
 #include "net/base/escape.h"
 #include "net/base/load_flags.h"
 #include "net/cert/x509_cert_types.h"
 #include "net/cert/x509_certificate.h"
 #include "net/http/http_status_code.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_fetcher_delegate.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "net/url_request/url_request_status.h"
@@ skipping 81 matching lines @@
   DOWNLOAD_URL_CHECKS_CANCELED,
   DOWNLOAD_URL_CHECKS_MALWARE,
 
   DOWNLOAD_HASH_CHECKS_TOTAL,
   DOWNLOAD_HASH_CHECKS_MALWARE,
 
   // Memory space for histograms is determined by the max.
   // ALWAYS ADD NEW VALUES BEFORE THIS ONE.
   DOWNLOAD_CHECKS_MAX
 };
+
+// Prepares URLs to be put into a ping message. Currently this just shortens
+// data: URIs, other URLs are included verbatim.
+std::string SanitizeUrl(const GURL& url) {
+  std::string spec = url.spec();
+  if (url.SchemeIs(url::kDataScheme)) {
+    size_t comma_pos = spec.find(',');
+    if (comma_pos != std::string::npos && comma_pos != spec.size() - 1) {
+      std::string hash_value = crypto::SHA256HashString(spec);
+      spec.erase(comma_pos + 1);
+      spec += base::HexEncode(hash_value.data(), hash_value.size());
+    }
+  }
+  return spec;
+}
+
 }  // namespace
 
 // Parent SafeBrowsing::Client class used to lookup the bad binary
 // URL and digest list.  There are two sub-classes (one for each list).
 class DownloadSBClient
     : public SafeBrowsingDatabaseManager::Client,
       public base::RefCountedThreadSafe<DownloadSBClient> {
  public:
   DownloadSBClient(
       const content::DownloadItem& item,
@@ skipping 309 matching lines @@
                                   ClientDownloadRequest::DownloadType* type) {
     if (item.GetUrlChain().empty()) {
       *reason = REASON_EMPTY_URL_CHAIN;
       return false;
     }
     const GURL& final_url = item.GetUrlChain().back();
     if (!final_url.is_valid() || final_url.is_empty()) {
       *reason = REASON_INVALID_URL;
       return false;
     }
-    if ((!final_url.IsStandard() && !final_url.SchemeIsBlob()) ||
+    if ((!final_url.IsStandard() && !final_url.SchemeIsBlob() &&
+         !final_url.SchemeIs(url::kDataScheme)) ||
         final_url.SchemeIsFile()) {
       *reason = REASON_UNSUPPORTED_URL_SCHEME;
       return false;
     }
     if (!download_protection_util::IsBinaryFile(target_path)) {
       *reason = REASON_NOT_BINARY_FILE;
       return false;
     }
     *type = download_protection_util::GetDownloadType(target_path);
     return true;
@@ skipping 209 matching lines @@
 
   void SendRequest() {
     DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
 
     // This is our last chance to check whether the request has been canceled
     // before sending it.
     if (!service_)
       return;
 
     ClientDownloadRequest request;
-    request.set_url(item_->GetUrlChain().back().spec());
+    request.set_url(SanitizeUrl(item_->GetUrlChain().back()));
     request.mutable_digests()->set_sha256(item_->GetHash());
     request.set_length(item_->GetReceivedBytes());
     for (size_t i = 0; i < item_->GetUrlChain().size(); ++i) {
       ClientDownloadRequest::Resource* resource = request.add_resources();
-      resource->set_url(item_->GetUrlChain()[i].spec());
+      resource->set_url(SanitizeUrl(item_->GetUrlChain()[i]));
       if (i == item_->GetUrlChain().size() - 1) {
         // The last URL in the chain is the download URL.
         resource->set_type(ClientDownloadRequest::DOWNLOAD_URL);
-        resource->set_referrer(item_->GetReferrerUrl().spec());
+        resource->set_referrer(SanitizeUrl(item_->GetReferrerUrl()));
         DVLOG(2) << "dl url " << resource->url();
         if (!item_->GetRemoteAddress().empty()) {
           resource->set_remote_ip(item_->GetRemoteAddress());
           DVLOG(2) << "  dl url remote addr: " << resource->remote_ip();
         }
         DVLOG(2) << "dl referrer " << resource->referrer();
       } else {
         DVLOG(2) << "dl redirect " << i << " " << resource->url();
         resource->set_type(ClientDownloadRequest::DOWNLOAD_REDIRECT);
       }
       // TODO(noelutz): fill out the remote IP addresses.
     }
     // TODO(mattm): fill out the remote IP addresses for tab resources.
     for (size_t i = 0; i < tab_redirects_.size(); ++i) {
       ClientDownloadRequest::Resource* resource = request.add_resources();
       DVLOG(2) << "tab redirect " << i << " " << tab_redirects_[i].spec();
-      resource->set_url(tab_redirects_[i].spec());
+      resource->set_url(SanitizeUrl(tab_redirects_[i]));
       resource->set_type(ClientDownloadRequest::TAB_REDIRECT);
     }
     if (tab_url_.is_valid()) {
       ClientDownloadRequest::Resource* resource = request.add_resources();
-      resource->set_url(tab_url_.spec());
+      resource->set_url(SanitizeUrl(tab_url_));
       DVLOG(2) << "tab url " << resource->url();
       resource->set_type(ClientDownloadRequest::TAB_URL);
       if (tab_referrer_url_.is_valid()) {
-        resource->set_referrer(tab_referrer_url_.spec());
+        resource->set_referrer(SanitizeUrl(tab_referrer_url_));
         DVLOG(2) << "tab referrer " << resource->referrer();
       }
     }
 
     request.set_user_initiated(item_->HasUserGesture());
     request.set_file_basename(
         item_->GetTargetFilePath().BaseName().AsUTF8Unsafe());
     request.set_download_type(type_);
     request.mutable_signature()->CopyFrom(signature_info_);
     request.mutable_image_headers()->CopyFrom(image_headers_);
@@ skipping 364 matching lines @@
 GURL DownloadProtectionService::GetDownloadRequestUrl() {
   GURL url(kDownloadRequestUrl);
   std::string api_key = google_apis::GetAPIKey();
   if (!api_key.empty())
     url = url.Resolve("?key=" + net::EscapeQueryParamValue(api_key, true));
 
   return url;
 }
 
 }  // namespace safe_browsing