| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/ping_manager.h" | 5 #include "chrome/browser/safe_browsing/ping_manager.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
| 11 #include "chrome/browser/net/certificate_error_reporter.h" |
| 11 #include "chrome/common/env_vars.h" | 12 #include "chrome/common/env_vars.h" |
| 12 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 13 #include "google_apis/google_api_keys.h" | 14 #include "google_apis/google_api_keys.h" |
| 14 #include "net/base/escape.h" | 15 #include "net/base/escape.h" |
| 15 #include "net/base/load_flags.h" | 16 #include "net/base/load_flags.h" |
| 17 #include "net/ssl/ssl_info.h" |
| 16 #include "net/url_request/url_fetcher.h" | 18 #include "net/url_request/url_fetcher.h" |
| 17 #include "net/url_request/url_request_context_getter.h" | 19 #include "net/url_request/url_request_context_getter.h" |
| 18 #include "net/url_request/url_request_status.h" | 20 #include "net/url_request/url_request_status.h" |
| 21 #include "url/gurl.h" |
| 19 | 22 |
| 23 using chrome_browser_net::CertificateErrorReporter; |
| 20 using content::BrowserThread; | 24 using content::BrowserThread; |
| 21 | 25 |
| 26 namespace { |
| 27 // URL to upload invalid certificate chain reports |
| 28 // TODO(estark): Fill this in with the real URL when live. |
| 29 const char kExtendedReportingUploadUrl[] = ""; |
| 30 } // namespace |
| 31 |
| 22 // SafeBrowsingPingManager implementation ---------------------------------- | 32 // SafeBrowsingPingManager implementation ---------------------------------- |
| 23 | 33 |
| 24 // static | 34 // static |
| 25 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( | 35 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( |
| 26 net::URLRequestContextGetter* request_context_getter, | 36 net::URLRequestContextGetter* request_context_getter, |
| 27 const SafeBrowsingProtocolConfig& config) { | 37 const SafeBrowsingProtocolConfig& config) { |
| 28 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 38 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 29 return new SafeBrowsingPingManager(request_context_getter, config); | 39 return new SafeBrowsingPingManager(request_context_getter, config); |
| 30 } | 40 } |
| 31 | 41 |
| 32 SafeBrowsingPingManager::SafeBrowsingPingManager( | 42 SafeBrowsingPingManager::SafeBrowsingPingManager( |
| 33 net::URLRequestContextGetter* request_context_getter, | 43 net::URLRequestContextGetter* request_context_getter, |
| 34 const SafeBrowsingProtocolConfig& config) | 44 const SafeBrowsingProtocolConfig& config) |
| 35 : client_name_(config.client_name), | 45 : client_name_(config.client_name), |
| 36 request_context_getter_(request_context_getter), | 46 request_context_getter_(request_context_getter), |
| 37 url_prefix_(config.url_prefix) { | 47 url_prefix_(config.url_prefix), |
| 48 certificate_error_reporter_( |
| 49 request_context_getter |
| 50 ? new CertificateErrorReporter( |
| 51 request_context_getter->GetURLRequestContext(), |
| 52 GURL(kExtendedReportingUploadUrl), |
| 53 CertificateErrorReporter::SEND_COOKIES) |
| 54 : nullptr) { |
| 38 DCHECK(!url_prefix_.empty()); | 55 DCHECK(!url_prefix_.empty()); |
| 39 | 56 |
| 40 version_ = SafeBrowsingProtocolManagerHelper::Version(); | 57 version_ = SafeBrowsingProtocolManagerHelper::Version(); |
| 41 } | 58 } |
| 42 | 59 |
| 43 SafeBrowsingPingManager::~SafeBrowsingPingManager() { | 60 SafeBrowsingPingManager::~SafeBrowsingPingManager() { |
| 44 // Delete in-progress safebrowsing reports (hits and details). | 61 // Delete in-progress safebrowsing reports (hits and details). |
| 45 STLDeleteContainerPointers(safebrowsing_reports_.begin(), | 62 STLDeleteContainerPointers(safebrowsing_reports_.begin(), |
| 46 safebrowsing_reports_.end()); | 63 safebrowsing_reports_.end()); |
| 47 } | 64 } |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 report_url, net::URLFetcher::POST, this); | 105 report_url, net::URLFetcher::POST, this); |
| 89 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 106 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
| 90 fetcher->SetRequestContext(request_context_getter_.get()); | 107 fetcher->SetRequestContext(request_context_getter_.get()); |
| 91 fetcher->SetUploadData("application/octet-stream", report); | 108 fetcher->SetUploadData("application/octet-stream", report); |
| 92 // Don't try too hard to send reports on failures. | 109 // Don't try too hard to send reports on failures. |
| 93 fetcher->SetAutomaticallyRetryOn5xx(false); | 110 fetcher->SetAutomaticallyRetryOn5xx(false); |
| 94 fetcher->Start(); | 111 fetcher->Start(); |
| 95 safebrowsing_reports_.insert(fetcher); | 112 safebrowsing_reports_.insert(fetcher); |
| 96 } | 113 } |
| 97 | 114 |
| 115 void SafeBrowsingPingManager::ReportInvalidCertificateChain( |
| 116 const std::string& hostname, |
| 117 const net::SSLInfo& ssl_info) { |
| 118 DCHECK(certificate_error_reporter_); |
| 119 certificate_error_reporter_->SendReport( |
| 120 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, hostname, |
| 121 ssl_info); |
| 122 } |
| 123 |
| 124 void SafeBrowsingPingManager::SetCertificateErrorReporterForTesting( |
| 125 scoped_ptr<CertificateErrorReporter> certificate_error_reporter) { |
| 126 certificate_error_reporter_ = certificate_error_reporter.Pass(); |
| 127 } |
| 128 |
| 98 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( | 129 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( |
| 99 const GURL& malicious_url, const GURL& page_url, | 130 const GURL& malicious_url, const GURL& page_url, |
| 100 const GURL& referrer_url, bool is_subresource, | 131 const GURL& referrer_url, bool is_subresource, |
| 101 SBThreatType threat_type) const { | 132 SBThreatType threat_type) const { |
| 102 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || | 133 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || |
| 103 threat_type == SB_THREAT_TYPE_URL_PHISHING || | 134 threat_type == SB_THREAT_TYPE_URL_PHISHING || |
| 104 threat_type == SB_THREAT_TYPE_URL_UNWANTED || | 135 threat_type == SB_THREAT_TYPE_URL_UNWANTED || |
| 105 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || | 136 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || |
| 106 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || | 137 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || |
| 107 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); | 138 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 url_prefix_.c_str(), | 175 url_prefix_.c_str(), |
| 145 client_name_.c_str(), | 176 client_name_.c_str(), |
| 146 version_.c_str()); | 177 version_.c_str()); |
| 147 std::string api_key = google_apis::GetAPIKey(); | 178 std::string api_key = google_apis::GetAPIKey(); |
| 148 if (!api_key.empty()) { | 179 if (!api_key.empty()) { |
| 149 base::StringAppendF(&url, "&key=%s", | 180 base::StringAppendF(&url, "&key=%s", |
| 150 net::EscapeQueryParamValue(api_key, true).c_str()); | 181 net::EscapeQueryParamValue(api_key, true).c_str()); |
| 151 } | 182 } |
| 152 return GURL(url); | 183 return GURL(url); |
| 153 } | 184 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master