| Index: chrome/browser/safe_browsing/malware_details.cc
|
| diff --git a/chrome/browser/safe_browsing/malware_details.cc b/chrome/browser/safe_browsing/malware_details.cc
|
| index f831a3ce0ab1c943c233a20155ff06bb7f91b89f..30cecd85fbbf86640c9aa8b590e6c00e93b8eda0 100644
|
| --- a/chrome/browser/safe_browsing/malware_details.cc
|
| +++ b/chrome/browser/safe_browsing/malware_details.cc
|
| @@ -96,13 +96,15 @@ bool MalwareDetails::OnMessageReceived(const IPC::Message& message) {
|
| return handled;
|
| }
|
|
|
| -bool MalwareDetails::IsPublicUrl(const GURL& url) const {
|
| - return url.SchemeIs("http"); // TODO(panayiotis): also skip internal urls.
|
| +bool MalwareDetails::IsReportableUrl(const GURL& url) const {
|
| + // TODO(panayiotis): also skip internal urls.
|
| + return url.SchemeIs("http") || url.SchemeIs("https");
|
| }
|
|
|
| // Looks for a Resource for the given url in resources_. If found, it
|
| // updates |resource|. Otherwise, it creates a new message, adds it to
|
| // resources_ and updates |resource| to point to it.
|
| +//
|
| ClientMalwareReportRequest::Resource* MalwareDetails::FindOrCreateResource(
|
| const GURL& url) {
|
| safe_browsing::ResourceMap::iterator it = resources_.find(url.spec());
|
| @@ -123,7 +125,7 @@ void MalwareDetails::AddUrl(const GURL& url,
|
| const GURL& parent,
|
| const std::string& tagname,
|
| const std::vector<GURL>* children) {
|
| - if (!url.is_valid() || !IsPublicUrl(url))
|
| + if (!url.is_valid() || !IsReportableUrl(url))
|
| return;
|
|
|
| // Find (or create) the resource for the url.
|
| @@ -131,7 +133,7 @@ void MalwareDetails::AddUrl(const GURL& url,
|
| FindOrCreateResource(url);
|
| if (!tagname.empty())
|
| url_resource->set_tag_name(tagname);
|
| - if (!parent.is_empty() && IsPublicUrl(parent)) {
|
| + if (!parent.is_empty() && IsReportableUrl(parent)) {
|
| // Add the resource for the parent.
|
| ClientMalwareReportRequest::Resource* parent_resource =
|
| FindOrCreateResource(parent);
|
| @@ -152,18 +154,18 @@ void MalwareDetails::StartCollection() {
|
| DVLOG(1) << "Starting to compute malware details.";
|
| report_.reset(new ClientMalwareReportRequest());
|
|
|
| - if (IsPublicUrl(resource_.url))
|
| + if (IsReportableUrl(resource_.url))
|
| report_->set_malware_url(resource_.url.spec());
|
|
|
| GURL page_url = web_contents()->GetURL();
|
| - if (IsPublicUrl(page_url))
|
| + if (IsReportableUrl(page_url))
|
| report_->set_page_url(page_url.spec());
|
|
|
| GURL referrer_url;
|
| NavigationEntry* nav_entry = web_contents()->GetController().GetActiveEntry();
|
| if (nav_entry) {
|
| referrer_url = nav_entry->GetReferrer().url;
|
| - if (IsPublicUrl(referrer_url)) {
|
| + if (IsReportableUrl(referrer_url)) {
|
| report_->set_referrer_url(referrer_url.spec());
|
| }
|
| }
|
| @@ -289,8 +291,16 @@ void MalwareDetails::OnCacheCollectionReady() {
|
| ClientMalwareReportRequest::Resource* pb_resource =
|
| report_->add_resources();
|
| pb_resource->CopyFrom(*(it->second));
|
| + const GURL url(pb_resource->url());
|
| + if (url.SchemeIs("https")) {
|
| + // Don't report headers of HTTPS requests since they may contain private
|
| + // cookies. We still retain the full URL.
|
| + DVLOG(1) << "Clearing out HTTPS resource: " << pb_resource->url();
|
| + pb_resource->clear_request();
|
| + pb_resource->clear_response();
|
| + // Keep id, parent_id, child_ids, and tag_name.
|
| + }
|
| }
|
| -
|
| report_->set_complete(cache_result_);
|
|
|
| // Send the report, using the SafeBrowsingService.
|
|
|
Chromium Code Reviews
Issue 923263002:
Report HTTPS links in MalwareDetails (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master